truck

Privacy policy

AVA Global Privacy Policy

The AVA Global group of companies (AVA, we, us, our) respects your privacy and is committed to protecting all information from which an individual can be identified (personal data) and which you may provide to us or which we otherwise obtain in connection with the operation of our business (including via our website, www.thinkava.com).

This Privacy Policy sets out how we will use and protect your personal data, as well as information regarding your associated rights. Whilst we aim to give information about our privacy commitments directly to all individuals whose personal data we hold, we do from time to time acquire certain personal data via indirect means. Therefore, one of the purposes of this Privacy Policy is to provide privacy information to all relevant individuals, including those with whom we do not have a direct relationship.

We endeavour to process your personal data in accordance with applicable data protection laws, including (i) the UK Data Protection Act 2018; (ii) the UK General Data Protection Regulation; (iii) the EU General Data Protection Regulation; (iv) the Privacy and Electronic Communications (EC Directive) Regulations 2003; (v) the DIFC Law No. 5 of 2020 on Data Protection Law (and accompanying Data Protection Regulations); (vi) the Personal Data (Privacy) Ordinance (Cap. 486); and (vii) all equivalent legislation relating to the processing of personal data and/or privacy and which is applicable to AVA from time to time (in each case, as re-enacted, applied, amended, superseded, repealed or consolidated) (together, the Data Protection Laws).

1. Use of your personal data

Most commonly, we hold your personal data because:

  • you provide it directly to us when you engage with us - for example, when you contact us via our website or otherwise submit an enquiry regarding our services, as well as when you engage in discussions with us by phone, electronic means or in writing on behalf of the organisation by which you are engaged with respect to the provision of our services;
  • you provide services to us, have partnered with us or otherwise have a business dealing with us (or are employed or engaged by an organisation which provides services to us or which, has partnered with or has had a business dealing with us);
  • we learned it from someone else, either in the context of providing services to our clients, or in the context of our business more generally;
  • you are the next of kin of, or are otherwise connected to, an individual who is engaged or otherwise employed by us;
  • of our use of cookies on our website; and/or
  • it is publicly available.

We may collect the following information about you:

  • Identity and contact information: when contacting us (whether online, via telephone, via email, in writing, or otherwise) or visiting our offices, you may provide us with personal data about yourself, including your name, address, telephone number, job title and function. We may also obtain a copy of your signature if you accept delivery of a shipment that we have been engaged in the transport of.
  • Information about those related or connected to our staff: we sometimes ask members of our staff to provide details of their next of kin for the purpose of our emergency scenario planning or in case an incident occurs at work.  We may also ask for details of their dependents, spouses and/or other people in relation to their employee benefits arrangements, so that we can use this information for the benefit of our staff.
  • Know-Your-Client (KYC) information and other information related to anti-money laundering processes: when we are appointed to provide our services, we will require KYC, anti-money laundering, and other personal data which the law requires us to collect. We will only use KYC information for the purpose of verifying identity in connection with the provision of our services and as otherwise prescribed by law.
  • Physical access information: when you visit our offices, we may collect information regarding the time and date on which you visit us, as well as information about any access requirements you may have.
  • Information about individuals who are our suppliers and other business contacts: if you provide services to us or have a business dealing with us (or are employed or engaged by an organisation which provides services to us or has a business dealing with us), we may acquire your name, contact details and certain employment information (for example, your job title and details regarding the function you perform).
  • Profile and usage information: we may collect personal data about your preferences in receiving marketing information from us, as well as information such as user credentials necessary to access password-protected sections of our website. We may also collect information regarding how you use our website – please see section 2 of this Privacy Policy for further information.
  • Special category data: from time to time, including in connection with the fulfilment of our KYC obligations, we may obtain certain special category personal data (including, for example, information regarding your racial or ethnic origin and political opinions). For the same reason we may also have to collect and use information about criminal offences or alleged criminal offences.

We may use your personal data to:

  • provide and improve our services and to better understand the needs and interests of our clients;
  • carry out our day-to-day business operations, including the collection, processing and delivery of shipments, as well as internal record keeping and to support our client relationships;
  • carry out verification checks – for example, in relation to the fulfilment of our KYC and anti-money laundering obligations;
  • comply with our legal and regulatory obligations;
  • manage access to, and ensure the security of, our premises; and
  • send business and marketing communications which we think may be of interest to you.

The legal basis upon which we process your personal data is primarily for the purpose of pursuing our business interests as a provider of secure global logistics services. However, we may also process personal data for the purposes of complying with legal obligations to which we are subject, as well as in circumstances where this is necessary for the performance of a contract. In certain instances, we may rely on your express consent to process your personal data, however, we will ensure that you are aware of this (as well as your right to withdraw your consent) where this is the case.

2. Cookies and third-party websites

We use cookies, which are small text files that are placed on your device, when you visit our website.

When you visit any website, it may store or retrieve information on/from your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is primarily used to make the site work as you expect it to. We use cookies in order to make our website function, work more efficiently and to provide us with certain information. We use necessary cookies to make our site work and will also set other cookies that collect information about how our website is used where we have a right to do so.

To make you aware, you can indicate certain preferences about the cookies that are placed on your device via your browser settings.

Our website includes links to third-party websites, such as LinkedIn. Please note that when you click on a link to such a website, you will be leaving our website and accessing that other website. As such, the operators of those websites are solely responsible for any personal data which they collect about you via their website, and such data will be collected in accordance with their own privacy policies.

3. Retention of your personal data

We will only keep your personal data for as long as we reasonably require and, in any event, only for as long as Data Protection Laws and our internal rules allow.

4. Disclosure of your personal data

We may share your personal data with certain third parties who reasonably need it in order to perform a function for you or the organisation which you represent, or to provide a service to us (such as our third-party service providers, partners and professional advisors). In addition, it may be necessary to disclose your personal data if we are under a duty to do so to comply with our legal obligations. Personal data may also be shared with government authorities, law enforcement agencies, courts and/or similar bodies, for example to enforce our rights under any agreement that we have with you or where we are compelled to provide such information pursuant to applicable law.

Subject to the applicable laws, we may also share your personal data as required to allow for a change in ownership of our business. In the event of any such change of ownership, where required by Data Protection Laws, you will be notified that your personal data has been transferred to such third party and provided with an updated privacy notice.

It will sometimes be necessary for us to transfer your personal data outside the UK, the European Economic Area (EEA) or the Dubai International Financial Centre (DIFC) (as applicable) to third parties such as our affiliates, overseas advisors or service providers. Your personal data may also be accessed by staff operating outside the UK, the EEA or DIFC who work for us or for one of our suppliers. This includes people engaged in, among other things, the provision of support services to us. In such circumstances, we will take all steps reasonably necessary to ensure that your personal data is treated securely and is transferred in accordance with this Privacy Policy and Data Protection Laws. We may enter into contracts with entities based outside the UK, the EEA or DIFC where this is required by Data Protection Laws.

5. Data integrity and security

We strive to protect the privacy and security of the personal data that we hold. Our servers and databases are protected by industry standard network security measures and access to all such data is appropriately restricted.

6. Your rights in relation to your personal data

You have certain rights in relation to your personal data under Data Protection Laws, including rights to (subject to certain exemptions):

  • request access to, and rectification or erasure of, the personal data that we hold about you;
  • restrict our processing of your personal data in certain circumstances;
  • object to our processing of your personal data in certain circumstances; and
  • in some cases, ask us to transfer any personal data that we hold about you to you, or to a specified third party.

In addition, where we process your personal data on the basis of consent, you have the right to withdraw your consent to our processing at any time.

Please note that these rights may be limited (e.g. if fulfilling your request to access your personal data would reveal personal data about another person, or if you ask us to delete personal data which we are required by law to keep).

7. Changes to this Privacy Policy

We may review and update this Privacy Policy at any time - any changes will be posted on this page of our website. Therefore, we recommend that you review this Privacy Policy from time to time to ensure that you are aware of how we collect and use your personal data.

8. Contact us and complaints

Should you wish to exercise any of the rights set out in section 6 of this Privacy Policy, or if you have any questions or concerns about the way in which we have handled your personal data, please send an email to [email protected], marked for the attention of the Executive Team.

Should you wish to take any complaints further, you may have the right to contact the relevant data regulator or data protection authority, such as the UK Information Commissioner’s Office, the Office of the Privacy Commissioner for Personal Data (PCPD), the DIFC Commissioner of Data Protection or, if you are an EU data subject, one of the competent European supervisory authorities.

Last updated: September 2025