How long must proof of delivery documents be retained in the Netherlands and Belgium?

For Dutch businesses: the Belastingdienst requires financial records, including delivery documentation used for invoicing, to be retained for 7 years. In Belgium, a similar 7-year retention applies for commercial records. CMR documents for international road transport are governed by the CMR Convention, which establishes a 1-year claim period but a 3-year window for fraudulent acts.

Does Podfy store data in the EU?

Yes. All delivery documents stored via Podfy are held in Cloudflare's EU-WEUR (Western Europe) region. No data leaves the EU. Podfy can provide a Data Processing Agreement (DPA) for GDPR compliance purposes.

What counts as an audit-ready delivery record?

An audit-ready delivery record should include: the document itself (signed CMR or delivery note), a timestamp showing when it was submitted, GPS coordinates confirming the delivery location, and a reference linking it to the invoice or PO. All four elements are captured automatically in Podfy.

Can Podfy records be exported for an audit package?

Yes. Delivery records can be exported as PDFs from the Podfy portal. Bulk export by date range or reference prefix is available. This is typically what auditors and Belastingdienst inspections require.

Proof of Delivery Compliance and Audit Retention

Q: Is GPS-stamped digital evidence accepted in Dutch and Belgian courts?

Generally yes, for commercial disputes. GPS-stamped, timestamped digital records created by a third-party system are considered reliable evidence in Dutch and Belgian commercial proceedings. They supplement, and in practice often replace, paper CMR originals in dispute resolution.

Retention requirements for logistics businesses

Netherlands (Belastingdienst). Dutch tax law (Wet op de omzetbelasting and Algemene wet inzake rijksbelastingen) requires financial and commercial records — including delivery documentation used as the basis for invoicing — to be retained for 7 years. Records must be accessible and legible for tax inspection.

Belgium. Belgian commercial record-keeping (Code des sociétés et des associations) requires 7-year retention for accounting documents. VAT-related records, including those documenting supply of services, must be accessible for Belgian tax authority review.

CMR Convention. For cross-border road freight under the CMR Convention, claims must be brought within 1 year (3 years for fraudulent acts). While this is shorter than domestic retention requirements, best practice is to retain CMR records for the full 7-year commercial retention period.

7-year retention required in NL and BE
Records must be accessible and legible
Digital records are accepted if they meet integrity requirements
CMR 1-year claim window; 3-year fraud window
EU GDPR applies to any personal data in delivery records
Data residency: EU-hosted for GDPR compliance

Delivery documents often contain personal data: driver names, vehicle license plates, GPS locations tied to individuals, and customer contact information. Under GDPR, this data must be processed and stored in accordance with the Regulation — and for organizations subject to Dutch or Belgian law, storage within the EU is strongly preferred.

All data stored via Podfy is processed in Cloudflare's EU-WEUR (Western Europe) region. No data crosses EU borders. This satisfies Dutch and Belgian GDPR data residency expectations without requiring a supplementary legal instrument (SCC).

For procurement and compliance purposes, Podfy provides a Data Processing Agreement (DPA). This is required if you process personal data of EU residents on behalf of a controller — for example, if you are a 3PL processing delivery records on behalf of shipper clients.

What makes a delivery record audit-ready

Element 01

The document

A legible copy of the signed CMR, delivery note, or photo evidence. Must be retrievable on request. Podfy stores the original uploaded file, not a re-processed version.

Element 02

Timestamp and GPS

The exact time of delivery and the GPS coordinates, captured at the moment of upload. These establish that the document was created at the delivery point at a specific time — not fabricated after the fact.

Element 03

Reference linkage

The record must be linkable to the invoice and purchase order. A consistent reference system (PO number, shipment ID, or CMR number) in the upload means every record can be retrieved by the identifier your finance team uses.

Frequently asked questions

7 years in both jurisdictions for commercial and financial records. CMR documents for cross-border freight have a 1-year claims window but best practice is to retain for the full 7-year period. Podfy's 7-year archive option covers both requirements.

Yes. All data is stored in Cloudflare's EU-WEUR (Western Europe) region. No data leaves the EU. A Data Processing Agreement is available for organizations with formal GDPR compliance requirements.

An audit-ready record includes: the document itself (signed CMR or delivery note), a timestamp, GPS coordinates confirming location, and a reference linking it to the invoice or PO. All four are captured automatically in every Podfy submission.

Yes. Delivery records can be exported as PDFs from the portal, individually or in bulk by date range or reference prefix. This is typically what Belastingdienst or Belgian FSMA inspections require.

Generally yes for commercial disputes. GPS-stamped, timestamped digital records created by a third-party system are considered reliable evidence in Dutch and Belgian commercial proceedings. They supplement, and often replace, paper CMR originals in dispute resolution.