Privacy Policy

1. Who We Are and How to Contact Us

STRATUM GLOBAL RISK LTD (trading as Stratum Cargo) is the data controller responsible for your personal data. We are registered in England and Wales under Company Number 17213902. Our registered office is at 128 City Road, London, United Kingdom, EC1V 2NX.

If you have any questions about this Privacy Policy, wish to exercise your data protection rights, or wish to make a complaint, please contact us in writing at our registered address above or via the contact form on our website at oneworldclassroom.com/contact.html. We will respond to all data protection queries within one calendar month of receipt.

We are committed to processing your personal data lawfully, fairly, and transparently. This Privacy Policy explains what personal data we collect, why we collect it, how we use it, who we share it with, how long we keep it, and what rights you have in relation to it.

2. Personal Data We Collect

We collect and process the following categories of personal data:

• Identity Data: first name, last name, job title, company name.
• Contact Data: postal address, email address, telephone numbers (including WhatsApp contact details).
• Transaction Data: details of services you have requested or purchased from us, booking references, shipment details, and payment information.
• Technical Data: Internet Protocol (IP) address, browser type and version, time zone setting, browser plug-in types and versions, operating system, and platform collected when you visit our website.
• Usage Data: information about how you use our website, including pages visited, traffic sources, and click behaviour.
• Marketing and Communications Data: your preferences in receiving marketing from us and your communication preferences.
• Compliance Data: government-issued identification documents and Know Your Customer (KYC) information where required for regulatory or customs compliance purposes.

We do not intentionally collect any Special Categories of personal data (such as data about your race, ethnicity, health, religious beliefs, or sexual orientation). We do not collect personal data from children under 18 years of age, and our services are directed solely at business customers and adults.

3. How We Collect Personal Data

We collect personal data through the following means:

• Direct interactions: when you submit an enquiry or quote request through our website contact forms, communicate with us by telephone, email, post, or WhatsApp, or enter into a contract for our services.
• Automated technologies: as you interact with our website, we may automatically collect technical data using cookies and similar tracking technologies. Please see Section 10 (Cookies) for further information.
• Third parties and publicly available sources: we may receive data about you from Companies House, credit reference agencies, trade directories, or third-party carriers where you have engaged their services in connection with a shipment we are managing.

4. Lawful Basis for Processing

We will only process your personal data where we have a lawful basis to do so. The lawful bases we rely upon are:

• Performance of a contract: processing necessary to provide the freight and logistics services you have engaged us to perform, including arranging shipments, preparing customs documentation, and managing your account.
• Legitimate interests: processing necessary for our legitimate business interests, including responding to enquiries, preventing fraud, maintaining the security of our systems, and improving our services, where those interests are not overridden by your rights and interests.
• Legal obligation: processing necessary to comply with our legal and regulatory obligations, including customs and trade compliance requirements, anti-money laundering legislation, and tax obligations.
• Consent: where you have provided explicit consent, such as for receiving marketing communications. You may withdraw consent at any time by contacting us at our registered address.

5. How We Use Your Personal Data

We use your personal data for the following purposes:

• To respond to freight and logistics enquiries and provide quotations.
• To perform and manage contracts for freight forwarding, customs brokerage, cargo insurance, and ancillary services.
• To process and manage bookings, shipments, and related documentation.
• To communicate with you regarding your shipments, service updates, and operational matters.
• To comply with customs, tax, sanctions screening, and other regulatory requirements.
• To manage our relationship with you, including handling complaints and resolving disputes.
• To send you marketing communications where you have consented or where we have a legitimate interest in doing so, and you have not opted out.
• To analyse usage of our website to improve its performance and content.
• To detect and prevent fraud and maintain the security of our systems.

6. Sharing Your Personal Data

We may share your personal data with the following categories of recipients where necessary for the provision of our services or to comply with legal obligations:

• Carriers and shipping lines: ocean, air, road, and rail carriers whose services we book on your behalf.
• Customs authorities: HMRC, Border Force, and customs authorities in countries of origin and destination, as required by law.
• Port operators and terminal handlers: for the physical handling and movement of your cargo.
• Insurance providers: where we arrange cargo insurance on your behalf.
• IT and technology service providers: who provide website hosting, CRM, email, and data storage services under appropriate data processing agreements.
• Professional advisers: solicitors, accountants, and auditors bound by professional duties of confidentiality.
• Regulatory and law enforcement authorities: where required by applicable law, court order, or regulatory obligation.

We do not sell, rent, or trade your personal data to third parties for their own marketing purposes. We require all third parties to respect the security of your personal data and to treat it in accordance with applicable law.

7. International Data Transfers

The nature of global freight and logistics means that your personal data may be transferred to, and processed in, countries outside the United Kingdom, including countries that may not have data protection laws equivalent to UK standards. Where such transfers occur, we implement appropriate safeguards in accordance with UK GDPR requirements, including reliance on UK adequacy decisions, Standard Contractual Clauses approved by the Information Commissioner's Office, or other lawful transfer mechanisms.

Transfers of customs data to government authorities abroad are made pursuant to legal obligations under international trade law and applicable bilateral or multilateral agreements.

8. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or regulatory reporting requirements. Our standard retention periods are as follows:

• Customer and transactional data relating to completed shipments: 7 years from the date of the last transaction, to comply with HMRC and Companies Act requirements.
• Customs documentation and declarations: 6 years from the date of clearance, as required by HMRC.
• Enquiry and quotation records where no contract resulted: 2 years from the date of enquiry.
• Marketing consent records: until consent is withdrawn and for a reasonable period thereafter.
• Website usage and technical data: up to 26 months.

At the end of the applicable retention period, personal data is securely deleted or anonymised.

9. Your Data Protection Rights

Under the UK GDPR you have the following rights in relation to your personal data, subject to applicable exemptions:

• Right of access: the right to obtain a copy of the personal data we hold about you (a Subject Access Request).
• Right to rectification: the right to have inaccurate or incomplete personal data corrected.
• Right to erasure: the right to request deletion of your personal data in certain circumstances, including where it is no longer necessary for the purpose for which it was collected.
• Right to restrict processing: the right to request that we restrict the processing of your personal data in certain circumstances.
• Right to data portability: the right to receive personal data you have provided to us in a structured, commonly used, machine-readable format.
• Right to object: the right to object to the processing of your personal data where we rely on legitimate interests as our lawful basis, and to object to direct marketing at any time.
• Rights relating to automated decision-making: we do not make solely automated decisions that have a significant legal or similar effect on individuals.

To exercise any of these rights, please submit a written request to our registered address. We will respond within one calendar month, and this period may be extended by a further two months where the request is complex or numerous, with notification to you. We will not charge a fee for responding to a rights request unless the request is manifestly unfounded or excessive.

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection, at www.ico.org.uk or by calling 0303 123 1113.

10. Cookies

Our website uses cookies and similar technologies to distinguish you from other users, improve your browsing experience, and analyse how our site is used. A cookie is a small text file placed on your device. We use the following categories of cookies:

• Strictly necessary cookies: essential for the operation of the website, such as enabling you to complete forms and navigate securely. These cannot be disabled.
• Analytical/performance cookies: allow us to understand how visitors interact with our website by collecting and reporting information anonymously.
• Functionality cookies: remember your preferences, such as your cookie consent choice, to provide a more personalised experience.

You may manage your cookie preferences at any time by adjusting the settings in your browser. Disabling cookies may affect the functionality of our website. By clicking "Accept Cookies" on the cookie banner displayed on our site, you consent to our use of non-essential cookies.

11. Security

We have implemented appropriate technical and organisational security measures to protect your personal data against accidental loss, unauthorised access, alteration, disclosure, or destruction. These measures include access controls, encryption in transit, and regular security reviews. We limit access to personal data to those employees, contractors, and third parties who have a legitimate business need to access it, and require all such parties to maintain confidentiality.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours of becoming aware of it and will notify affected individuals without undue delay where required.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable law. The updated policy will be posted on this page with a revised "Last Updated" date. We encourage you to review this page periodically. Where changes are material, we will take reasonable steps to notify you, for example by email or by a prominent notice on our website. Your continued use of our services following notification of changes constitutes acceptance of the revised Privacy Policy to the extent permitted by law.