CTMS Privacy Policy

Effective date: 2020-07-17

1. Introduction

The TRIPARTITE TRANSPORT AND TRANSIT FACILITATION PROGRAMME (TTTFP) is a program funded by the European Union from the 11th European Development Fund. The TTTFP developed the Corridor Trips Monitoring System (CTMS) Crew Member App (hereinafter referred to as “Service”) as an immediate remedial response to the COVID-19 pandemic to ensure safe and continual cross border movement of persons and transportation of goods among the Member/Partner States of the Tripartite along the Regional Corridors. The Tripartite was formed by the three regional economic communities of COMESA (Common Market for Eastern and Southern Africa), EAC (East African Community) and SADC (Southern African Development Community) and comprises the 29 Member/Partner States (“us”, “we”, or “our”) of COMESA, EAC and SADC.

Although the CTMS Crew Member App was produced with the financial support of the European Union, its contents are the sole responsibility of the Tripartite Member/Partner States through the TTTFP and do not necessarily reflect the views of the European Union.

Our Privacy Policy governs your use of the Service, and explains how we collect, use, process, and disclose information that results from your use of our Service.

By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, the terms used in this Privacy Policy have the same meanings as in our Terms and Conditions.

Our Terms and Conditions (“Terms”) govern all use of our Service and together with the Privacy Policy constitutes your agreement with us (“Agreement”).

2. Definitions

DATA CONTROLLER means a natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of your data.

DATA SUBJECT is any living individual who is the subject of Personal Data

PERSONAL DATA means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).

SERVICE means the CTMS Crew Member App mobile application.

THE USER is the individual using our Service, and corresponds to the Data Subject, who is the subject of Personal Data.

USAGE DATA is data collected automatically either generated by the use of Service or from the Service infrastructure itself (for example, the duration of a page visit).

3. Types of Data Collected

Personal Data

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to identify you (“Personal Data”). This information is necessary to allow us to comply with our legal obligations in terms of any regional agreements and national laws. Without it, we may not be able to provide you with all the requested services. Personally, identifiable information may include, but is not limited to the following for purposes of and during participation in cross border road transport among the Tripartite Member/Partner States only:

  1. Identification Number
  2. Passport Number
  3. Driving Licence Number
  4. COVID-19 Medical Test Results
  5. GPS Tracking Data

We will not use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you.

Location Data

We may use and store information about your precise or approximate location as determined through data such as your mobile device’s GPS location (“Location Data”). We use this data to provide features of our Service. We may also collect this information even when you are not using the app when you are participating in cross border road transport only.

Most mobile devices allow you to control or disable the use of location services for applications in the device’s settings menu. Please note, the use of location services is a mandatory requirement for drivers and crew members while participating in cross border road transport during the COVID-19 pandemic and this Service cannot be used without enabling location services.

Usage Data, Log Data and Device Information

We automatically collect log data and device information when you access and use the Service, even if you have not created an account or logged in. That information includes, among other things: details about how you’ve used the Service, IP address, access dates and times, hardware and software information, device information, device event information, unique identifiers, crash data, cookie data and other diagnostic data.

4. Use of Data

We use, store, and process information, including personal information, about you to provide, understand, improve, and develop the Service, create and maintain a trusted and safer environment, and comply with our legal obligations in terms of regional agreements and national legislation. TTTFP uses the collected data for the following purposes:

  1. to provide and maintain our Service;
  2. to allow you to participate in interactive features of our Service;
  3. to provide customer support;
  4. to gather analysis or valuable information so that we can improve our Service;
  5. to monitor the usage of our Service;
  6. to detect, prevent and address technical issues;
  7. to fulfill any other purpose for which you provide it;
  8. to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection; and
  9. in any other way we may describe when you provide the information.

5. Retention of Data

We will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and give effect to our legal obligations.

We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated in terms of regional agreements or national laws to retain this data for longer time periods.

6. Transfer of Data

Your information, including Personal Data, may be transferred to – and maintained on – computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.

If you are located outside the two countries where the Service is hosted and provide information to us, please note that we transfer the data, including Personal Data, to the two hosting countries located within the Tripartite and process it there.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

TTTFP will take all the steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organisation or a country unless there are adequate controls in place including the security of your data and other personal information.

7. Disclosure of Data

We may disclose personal information that we collect or you provide.

Compliance with Law, Responding to Legal Requests, Preventing Harm and Protection of our Rights

Under certain circumstances, we may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities, law enforcement or governmental authorities, or authorised third parties, if and to the extent we are required or permitted to do so by law or if such disclosure is reasonably necessary to:

  1. comply with our legal obligations in terms of regional agreements or national laws;
  2. comply with legal processes and to respond to claims asserted;
  3. respond to verified requests relating to a criminal investigation or alleged or suspected illegal activity or any other activity that may expose us, you, or any other of our users to legal liability;
  4. enforce and administer our Terms of Service or give effect to a regional agreement or a national law, or
  5. protect the rights or property of the Tripartite Member/Partner States or members of the public.

Please note, disclose of your Personal and Location Data in response to valid requests by authorised third parties is a mandatory requirement to be able to make use of the Service.

We will not notify Users in the event where we disclose Personal and Location Data in response to valid requests third parties who are authorised in terms of a regional agreement or a national law. In instances where we comply with legal requests without notice to the User, we will not attempt to notify that User about the request after the fact.

Aggregated Data

We may also share aggregated information (information about our users that we combine together so that it no longer identifies or references an individual user) and other anonymized information for regulatory compliance, industry and market analysis, and other business purposes.

Other cases

We may disclose your information also:

  1. to fulfil the purpose for which you provide it;
  2. for any other purpose disclosed by us when you provide the information;
  3. If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of the Company, our customers, or others.

8. Security of Data

The security of your data is important to us and we take all necessary precautions to safeguard your data while on our servers. However, it should be noted that data may be intercepted during transmission over the Internet or from your device should you fail to prevent the installation of malware on your device or may be copied from your device, should you lose your device. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security as no method of electronic storage is 100% secure.

9. Other Important Information

9.1 Analysing your Communications

We may review, scan, or analyse your communications on the Service for fraud prevention, risk assessment, regulatory compliance, investigation, product development, research, and customer support purposes. In some cases, we may also scan, review, or analyse messages to debug, improve, and expand product offerings. We use automated methods where reasonably possible. However, occasionally we may need to manually review some communications, such as for fraud investigations and customer support, or to assess and improve the functionality of these automated tools. We will not review, scan, or analyse your communications to send third party marketing messages to you, and we will not sell reviews or analyses of these communications.

These activities are carried out based on our legitimate interest in ensuring compliance with applicable laws and our Terms, preventing fraud, promoting safety, and improving and ensuring the adequate performance of our Service.

9.2 Google Maps/Earth

Parts of the CTMS Platform use Google Maps/Earth services, including the Google Maps API(s). Use of Google Maps/Earth is subject to Google Maps/Earth Additional Terms of Use and the Google Privacy Policy.

9.3 Your Data Protection Rights

If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please email us at [email protected]. Please note that we may ask you to verify your identity before responding to such requests. Please note, we may not able to provide the Service without some necessary data.

You have the right to complain to the Chairperson of the Tripartite Regional Trade and Transport Facilitation Committee, established by the Tripartite Council of Ministers under Article 6.1(f) of the Memorandum of Understanding on Inter Regional Cooperation and Integration amongst COMESA, the EAC and SADC, 2005, about our collection and use of your Personal Data.

9.4 Third Party Service Providers

We may employ third party companies and individuals to facilitate our Service (“Service Providers”), provide Service on our behalf, perform Service-related services or assist us in analysing how our Service is used.

These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

10. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. You are advised to review this Privacy Policy periodically for any changes.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us by email: [email protected]