LogiFlow
Get Started

Privacy Policy

How LogiFlow collects, uses, and protects your data in compliance with Saudi Arabia's Personal Data Protection Law (PDPL)

Last Updated: December 2024

Overview

LogiFlow is an enterprise-grade logistics management system designed for Saudi Arabian cement transportation companies. This Privacy Policy explains how we collect, use, store, and protect personal data in compliance with the Saudi Personal Data Protection Law (PDPL).

We are committed to protecting your privacy and ensuring the security of all personal information processed through our platform.

Data We Collect

Employee Data (HR Module)

  • Full name, national ID number
  • Contact information (email, phone number)
  • Employment details (position, salary, hire date)
  • Emergency contact information
  • Attendance and leave records

Purpose: Employment management, payroll processing, legal compliance

Driver Data

  • Full name, national ID
  • Phone number
  • Driver's license number and expiry date
  • GPS location data (during active deliveries only)

Purpose: Fleet management, delivery tracking, safety compliance

Customer & Supplier Data

  • Company name, commercial registration (CR) number
  • Contact person name, phone, email
  • Business address and delivery location coordinates

Purpose: Order fulfillment, delivery services, business operations

User Account Data

  • Email address, full name, phone number
  • Role and system permissions
  • Login timestamps and activity logs

Purpose: System access, authentication, security audit trails

Location Data

Driver location is collected ONLY during active deliveries when drivers explicitly grant location permission. GPS coordinates are recorded every 30 seconds while in transit for real-time tracking, ETA calculations, and route optimization. Location data is retained for 90 days post-delivery, then automatically anonymized or deleted.

Your Rights Under PDPL

Right to Access

You can view your personal data through your profile page or by contacting your system administrator.

Right to Rectification

You can update incorrect data through your profile settings. For historical data corrections, contact your administrator. All changes are logged with timestamps.

Right to Deletion

You can request account deletion through your administrator. Personal data is anonymized within 30 days of deletion request. Transactional data is retained for 7 years as required by Saudi law.

Right to Object

Drivers can stop location tracking at any time by clicking "Stop Tracking" in the driver portal. You can opt out of marketing communications in your settings.

Right to Data Portability

You can export your data in JSON format. Contact your administrator with a formal request, and the export will be provided within 30 days.

Data Security

Access Control

LogiFlow implements Role-Based Access Control (RBAC) with five levels: Admin (full access), Manager (module-level), Operator (limited operations), Viewer (read-only), and Driver (assigned shipments only).

All database tables use Supabase Row Level Security (RLS) to enforce multi-tenant isolation. Users can only access their company's data.

Authentication

  • Secure password requirements with bcrypt hashing
  • Supabase Auth with HTTP-only cookies
  • Session timeout after 30 minutes of inactivity
  • Login attempt monitoring and brute-force protection

Data Encryption

  • TLS 1.3 encryption for all data in transit
  • AES-256 encryption for sensitive data at rest
  • Encrypted database backups stored in geographically distributed locations

Monitoring & Auditing

All system access and data modifications are logged with timestamps and user information. Audit logs are retained for 12 months and reviewed regularly by security teams.

Contact Us

For questions about this Privacy Policy or to exercise your data protection rights, contact us:

  • Email: info@logiflowsystem.com
  • Phone: +966 54 227 2069
  • Address: Riyadh, Kingdom of Saudi Arabia

We will respond to all privacy-related inquiries within 30 days as required by PDPL.