Client Personal Information
Left Brain Logistics, LLC (“LBL”) provides logistical and shipping assistance to a global clientele of companies and organizations in many diverse industries and regions. In order to provide these services, LBL typically needs to collect or otherwise process both online and offline records and data relating to a client’s customers. Some of this information is collected directly from suppliers and their agents, while some may be collected from other sources such as insurance companies, rating agencies, business databases and public records including but not limited to, business filings, license registrations, Uniform Commercial Code filings and court records or any other information lawfully requested by our client. Some of this information may constitute “personal information” or “personal data” relating to an identified, or reasonably identifiable, individual under applicable law, which we refer to as “Personal Information.”
We collect or otherwise process Personal Information strictly on behalf of our client to fulfill the purpose of our agreement with the client. In its role as a service provider and data processor with respect to Personal Information, LBL is committed to complying with applicable privacy and data protection laws, and to helping clients comply with their own obligations under those laws.
United States Residents
Some of our clients may be “businesses” as defined in the California Consumer Privacy Act of 2018, as amended (the “CCPA”). To the extent our services to those clients require us to collect, use, retain, disclose or otherwise process Client Personal Information that is subject to the CCPA, we do so strictly as our client’s “service provider” as defined in the CCPA.
To the extent our services to those clients require us to collect, use, retain, disclose or otherwise process Personal Information that is subject to federal privacy laws, we do so strictly as our client’s service provider pursuant to business associate agreements or other appropriate terms.
We do not sell Personal Information. We do not collect, retain, use, disclose or otherwise process Personal Information for any purpose other than for the purpose of performing the services specified in our agreement with the client. We do not collect, retain, use, disclose or otherwise process Personal Information outside of our direct business relationship with the client. We work with clients and our own sub-contractors to ensure that our agreements with them incorporate those and other restrictions as necessary, and to support responses to consumer requests under the CCPA or applicable federal law.
Data Subjects In The European Economic Area And Elsewhere Outside The United States
Some of our clients are “data controllers” as defined in the EU’s General Data Protection Regulation (“GDPR”) or other laws governing data protection in countries outside of the United States. To the extent our services to those clients require us to process Personal Information that is subject to those laws, we do so strictly as our client’s “data processor” as defined in the GDPR or other applicable law.
We follow our clients’ instructions regarding the purposes for which Personal Information is to be processed, and endeavor to conduct that processing subject to conditions set forth in Article 28 of the GDPR or elsewhere under applicable law. We work with clients and our authorized sub-processors to ensure that our agreements with them incorporate those conditions as necessary, and to support responses to data subject requests, and other obligations our clients may have, under the GDPR and other laws that may apply. Where necessary and appropriate, our agreements with clients incorporate other appropriate safeguards, such as standard data protection clauses adopted by the European Commission or another supervisory authority for international transfers of personal data.
We maintain reasonable security measures to ensure that access to any Client Personal Information is restricted only to authorized individuals who need access for a legitimate business purpose, and to protect Client Personal Information against unauthorized access, theft, or loss.