top of page

Privacy Policy

Last updated: 1 December 2025

This Privacy Policy explains how Cargosrate (“Cargosrate”, “we”, “us” or “our”) collects, uses, shares and protects information about you when you:

  • visit or use our websites,

  • use our web or mobile applications, or

  • use any services, tools or platforms we provide (together, the “Platform” or “Services”).

 

By using the Platform, you acknowledge that you have read this Privacy Policy and understand how we process your personal data in connection with the Services.

If you do not agree with this Privacy Policy, please do not use the Platform.

1. Who we are and how to contact us

Cargosrate is a digital platform that connects freight forwarders, airlines and other logistics stakeholders to search, compare and book cargo capacity and related services.

For the purposes of applicable data protection laws, Cargosrate generally acts as a data controller for the personal data described in this Privacy Policy.

Controller details (to be customized):
Cargosrate
[Riyadh], [Kingdom of Saudi Arabia]
Email: [privacy@cargosrate.com] (or your preferred address)

If you have any questions about this Privacy Policy or how we handle your personal data, you can contact us at the email above.

 

2. Scope of this Privacy Policy

This Privacy Policy applies to:

  • visitors to our public websites,

  • registered business users of the Platform (e.g. freight forwarders, airlines, GSAs, agents, shippers), and

  • individuals who interact with us by email, phone, forms, or through events and marketing.

This Privacy Policy does not apply to websites, apps or services that are not operated by Cargosrate, even if they are linked from our Platform.

 

3. Key definitions

For simplicity, we use the following terms:

  • “Personal Data” means any information that identifies, or can reasonably be used to identify, an individual (for example: name, email, phone number, IP address, ID number, etc.).

  • “Processing” means any operation performed on Personal Data, such as collection, recording, organization, storage, use, disclosure or deletion.

  • “You” / “your” means any individual whose Personal Data we process under this Privacy Policy (for example, a contact person at a freight forwarder or airline).

Terms like “controller”, “processor” and “data subject” are used according to applicable laws such as the EU General Data Protection Regulation (GDPR) and the Saudi Personal Data Protection Law (PDPL), where relevant.

 

4. What data we collect

The Personal Data we collect depends on how you interact with us.

 

4.1 Data you provide directly

When you interact with us, you may provide:

  • Account and profile data

    • Name, job title, role

    • Company name, business address, country

    • Business email address, phone number, communication language

    • Login details (username, password or authentication tokens)

  • Business and transaction data

    • Booking details (routes, dates, cargos, prices, surcharges)

    • Airline, GSA, forwarder, agent or shipper details

    • Documents you upload or share (e.g. commercial invoices, AWBs, B/Ls, IDs if required, power of attorney, KYC documents)

  • Communication data

    • Messages and enquiries via forms, chat, email or phone

    • Feedback, surveys, support requests and complaint details

  • Marketing preferences

    • Your choices about receiving newsletters, product updates or event invitations.

 

4.2 Data we collect automatically

When you access or use our Platform, we may automatically collect:

  • Technical data

    • IP address

    • Device identifiers, browser type, operating system, language settings

    • Date and time of access, URLs visited, referring/exit pages

  • Usage data

    • Features you use, buttons clicked, pages viewed

    • Search queries, filters and settings used in the Platform

    • Performance and diagnostic information (e.g. error logs)

  • Cookie and tracking data
    We use cookies and similar technologies (e.g. pixels, scripts, web beacons) for purposes such as:

    • keeping you logged in,

    • remembering your settings and preferences,

    • measuring and improving performance and user experience, and

    • supporting analytics and, where allowed, marketing.

You can control cookies through your browser settings or any cookie banner we provide. Some cookies are essential for the Platform to function and cannot be disabled.

 

4.3 Data from third parties

We may receive Personal Data about you from:

  • Your employer, colleagues or other business contacts who create or manage an account on your behalf

  • Airlines, GSAs, agents, forwarders or other partners you interact with through the Platform

  • Payment and financial service providers

  • Identity verification, fraud prevention and KYC providers (where used)

  • Publicly available sources (e.g. company websites, trade registries, professional networks)

  • Marketing and events partners (e.g. if you register for a webinar or conference).

We combine this data with what we collect directly and automatically.

 

5. Why we use your data (purposes and legal bases)

We process your Personal Data only where we have a valid legal basis under applicable law (for example, PDPL, GDPR or similar laws). Depending on your location and our relationship, this may include:

 

5.1 To provide and operate the Platform

Legal basis: performance of a contract; legitimate interests

  • Creating and managing user accounts and profiles

  • Enabling you to search, view and book capacity, rates and services

  • Facilitating communication and transactions between forwarders, airlines and other parties

  • Processing payments and issuing invoices or statements

  • Providing customer support and resolving issues.

 

5.2 To maintain security and prevent abuse

Legal basis: legitimate interests; legal obligations

  • Protecting the Platform and our users from fraud, misuse and security incidents

  • Monitoring, detecting and preventing suspicious or unauthorized activity

  • Enforcing our terms, policies and contractual rights.

 

5.3 To improve our Services and develop new features

Legal basis: legitimate interests

  • Analyzing usage patterns and performance

  • Testing, troubleshooting and optimizing user experience

  • Developing new tools, modules and integrations.

Where possible, we use aggregated or anonymized data for these purposes.

 

5.4 To communicate with you

Legal basis: performance of a contract; legitimate interests; consent (where required)

  • Sending service-related communications (e.g. booking confirmations, operational updates, security alerts, changes to terms or policies)

  • Responding to your questions, feedback or support requests.

 

5.5 Marketing and business development

Legal basis: consent; legitimate interests (B2B marketing where permitted)

  • Sending newsletters, product and feature updates, industry content and event invitations

  • Running surveys, campaigns or promotions

  • Measuring the effectiveness of our marketing activities.

You can opt out of marketing emails at any time by using the unsubscribe link in the email or contacting us.

 

5.6 Compliance with legal obligations

Legal basis: legal obligations

  • Complying with applicable data protection, commercial, tax, accounting and other laws

  • Complying with lawful requests from regulators, law enforcement or other authorities

  • Keeping necessary records for dispute resolution and regulatory audits.

 

6. Cookies and similar technologies

We may use the following types of cookies on the Platform:

  • Strictly necessary cookies
    Required for core functionality (e.g. login, security, user sessions).

  • Functional cookies
    Remember your preferences such as language, region or saved filters.

  • Analytics cookies
    Help us understand how users interact with the Platform and improve performance and usability.

  • Marketing cookies (where applicable)
    Used to deliver or measure advertising and communications that may be relevant to you.

Where required by law, we will ask for your consent before placing non-essential cookies. You can withdraw or change your consent at any time through the cookie banner or your browser settings.

 

7. How we share your personal data

We do not sell your Personal Data. We may share it in the following situations:

 

7.1 Other users and business partners

To provide the Services, we may share your Personal Data with:

  • Airlines, GSAs and capacity providers when you search, request or book capacity, or when they list capacity on the Platform

  • Freight forwarders, agents and shippers involved in a given booking or transaction

  • Other parties that you or your company explicitly authorize us to share data with (e.g. local partners or agents).

The information shared typically includes your business contact details, company information and relevant booking or transaction data.

 

7.2 Service providers (processors)

We use trusted third-party service providers to support our operations, such as:

  • Cloud hosting and infrastructure providers

  • IT, security, monitoring and logging services

  • Data analytics and business intelligence tools

  • Payment and financial service providers

  • CRM, email, live chat and customer support tools

  • Professional advisers (e.g. law firms, auditors, consultants).

These providers are only allowed to process Personal Data on our instructions and must apply appropriate security measures.

 

7.3 Legal and regulatory disclosures

We may disclose Personal Data where we believe it is necessary to:

  • comply with applicable laws, regulations or legal processes,

  • respond to legitimate requests from public authorities, or

  • protect the rights, property or safety of Cargosrate, our users or others.

 

7.4 Business transfers

If we are involved in a merger, acquisition, financing, reorganization, sale of assets or similar transaction, Personal Data may be shared with prospective or actual transaction partners and their advisers, subject to appropriate confidentiality safeguards.

 

8. International transfers

Cargosrate operates in a global industry. Your Personal Data may be transferred to and stored in countries outside your own, including where some of our partners or service providers are located.

When we transfer Personal Data internationally, we:

  • take steps to ensure a suitable level of protection (for example, using contractual safeguards where required), and

  • comply with applicable legal requirements for cross-border data transfers, including those under the Saudi PDPL and other relevant data protection laws, where they apply.

 

9. Data retention

We keep Personal Data only for as long as reasonably necessary to:

  • provide the Services and manage our relationship with you or your company,

  • comply with legal, regulatory, accounting or reporting obligations, and

  • resolve disputes and enforce our agreements.

Retention periods may differ depending on the type of data and the purpose of processing. When data is no longer needed, we will delete it or anonymize it in a secure manner.

 

10. Data security

We implement appropriate technical and organizational measures to protect Personal Data against unauthorized access, loss, misuse, alteration or destruction. These measures may include:

  • access controls and authentication,

  • encryption in transit and/or at rest (where appropriate),

  • segmentation and logging,

  • backup and recovery procedures, and

  • internal policies and staff training.

However, no system can be guaranteed to be completely secure. If you believe that your account or interaction with us is no longer secure, please contact us immediately.

 

11. Your rights

Depending on your location and the applicable law (for example, PDPL in Saudi Arabia or GDPR in the EEA/UK), you may have some or all of the following rights:

  • Access: request confirmation whether we process your Personal Data and obtain a copy.

  • Rectification: request correction or completion of inaccurate or incomplete data.

  • Deletion: request deletion of your Personal Data in certain circumstances.

  • Restriction: request that we limit processing of your Personal Data in certain cases.

  • Objection: object to certain types of processing, especially where we rely on legitimate interests or use your data for direct marketing.

  • Portability: request to receive your Personal Data in a structured, commonly used and machine-readable format, and have it transmitted to another controller where technically feasible.

  • Withdraw consent: where processing is based on your consent, you can withdraw that consent at any time (this does not affect processing carried out before withdrawal).

You also have the right to lodge a complaint with a competent data protection authority (for example, the Saudi Data & AI Authority (SDAIA) under the PDPL, or your local supervisory authority).

To exercise any of these rights, please contact us using the details in Section 1. We may need to verify your identity and ask for additional information to process your request.

 

12. Children’s privacy

Our Platform is designed for business users in the air cargo and logistics industry and is not intended for children. We do not knowingly collect Personal Data from children under the age required by applicable law.

If you believe that a child has provided Personal Data to us, please contact us so that we can take appropriate steps to delete the data.

 

13. Third-party websites and services

The Platform may contain links to third-party websites, applications or services (for example, airlines, payment providers, analytics or tools). We are not responsible for the privacy practices of those third parties.

We encourage you to review the privacy policies of any third-party sites or services before providing Personal Data to them.

 

14. Changes to this Privacy Policy

We may update this Privacy Policy from time to time, for example to reflect:

  • changes in our Services or business model,

  • legal or regulatory developments, or

  • improvements in how we explain our practices.

When we make material changes, we will take appropriate steps to inform you, such as publishing a prominent notice on the Platform or sending you an email, and we will update the “Last updated” date at the top.

Your continued use of the Platform after the updated Privacy Policy becomes effective means you accept the changes.

 

15. How to contact us

If you have any questions, concerns or requests regarding this Privacy Policy or our data practices, you can contact us at:

Cargosrate
Attn: Privacy / Data Protection
[Riyadh], [Kingdom of Saudi Arabia]
Email: [privacy@cargosrate.com]

Together, we move Saudi logistics forward 

bottom of page