Privacy Policy

Privacy Policy

Effective Date: 01/01/2025
Last Updated: 17/03/2026

1. Introduction

Welcome to Delopt, a delivery optimization API provided by Transopt (“Company,” “we,” “our,” or “us”). This Privacy Policy explains how we collect, use, and protect information in compliance with the EU General Data Protection Regulation (GDPR) and Greek Law 4624/2019.

2. Roles in Data Processing

  • Transopt as Controller: We are the Controller for information related to our business relationship with you (e.g., your account details, billing, and usage logs).
  • Transopt as Processor: We act as a Processor for any personal data you send through our API (e.g., delivery addresses, recipient names, or driver GPS coordinates). You, as the Customer, remain the Data Controller for that information.

3. Information We Collect

  • Account Information: Name, business email, phone number, and password used to manage your API access.
  • API Payload Data: Information you submit via API requests, including delivery locations (lat/long or addresses), timestamps, and vehicle identifiers.
  • Technical & Usage Data: IP addresses, API keys used, request frequency, and error logs to monitor performance and prevent abuse.
  • Billing Information: Tax ID (AFM), billing address, and payment method details processed via secure third-party providers (e.g., Stripe).

In accordance with GDPR, we process data based on:

  • Contractual Necessity: To provide the optimization services you signed up for.
  • Legal Obligation: To comply with Greek tax and accounting laws.
  • Legitimate Interest: To maintain API security, improve our optimization algorithms, and prevent fraud.

5. How We Use Your Information

  • To calculate and return optimized delivery routes.
  • To provide technical support and API documentation updates.
  • To generate invoices and manage subscriptions.
  • To monitor API health and ensure fair usage across our infrastructure.

6. Data Sharing and Disclosure

We do not sell your data. We share information only with:

  • Sub-processors: Cloud hosting (e.g., AWS/Google Cloud) and essential infrastructure tools located within the EEA or countries with adequacy agreements.
  • Legal Authorities: When required by Greek or EU law to comply with audit or security requests.

7. Data Security

We implement strict technical measures, including:

  • Encryption of data in transit (TLS/HTTPS).
  • Encryption of data at rest.
  • Strict API key authentication and access logs.

8. Data Retention

  • Account Data: Retained for the duration of your subscription and up to 10 years for tax compliance.

9. Your Rights (GDPR)

Under EU law, you (and where applicable, your data subjects) have the right to:

  • Access, rectify, or erase personal data.
  • Object to or restrict processing.
  • Data portability.
  • Withdraw consent at any time.

To exercise these rights, please contact us at support@transopt.io. You also have the right to lodge a complaint with the Hellenic Data Protection Authority (<www.dpa.gr>).

10. International Transfers

We prioritize processing data within the European Economic Area (EEA). If data is transferred outside the EEA, we ensure Standard Contractual Clauses (SCCs) are in place to maintain a high level of protection.

11. Contact Us

Transopt Ivis 102, Glyfada, 16675, Athens, Greece
Email: support@transopt.io