GDPR and CCPA Compliance
IDTRACK meets the compliance requirements of both the General Data Protection Regulation (GDPR) and California Consumer Protection Act (CCPA). IDTRACK has certified that it adheres to the General Data Protection Regulation (GDPR) and California Consumer Protection Act (CCPA) privacy principles of notice, choice, onward transfer, security, data integrity, access, and enforcement with respect to all personal information transferred from the EU to the US and within the US (personal information) within the scope of its General Data Protection Regulation (GDPR) and California Consumer Protection Act (CCPA) attestations.
Collection and Use of Personal Information
Personal information gathered by us means any information that is related to an identified person, or that may be used to contact or identify an individual. Some examples may include but are not limited to: first and last name, email address, address or other contact information, telephone number, employer, driver’s license number, license plate number, and other information necessary or useful to providing the telematics product or services to you. We collect Personal Information for the purpose of providing the Services, identifying and communicating with you about the Services, responding to your requests/inquiries, servicing your account and orders, improving our Services, and communicating with you about our Services and promotions.
IDTRACK is careful about what information is collected and retained. We subscribe to a transparent information collection approach to allow our customers awareness about what information is captured by the system. Our management team reviews policies and practices to ensure that no information is deceptively being obtained or retained. IDTRACK complies and adheres to all relevant rules of law with respect to data collection and data privacy.
When IDTRACK collects Personal Information from a third-party source, we ensure that the sources are reputable and the information is collected fairly and legally.
You are not required to provide the personal information that we have requested, but, if you chose not to do so, in some cases we will not be able to provide you with certain features within our products or services.
Telematics units will track device location by sending GPS coordinates to the IDTRACK Portal application. We may also determine location by using other data from your mobile device, such as information about wireless networks or cell towers near your device. We use and store information about your location to enable many product features that are dependent upon location tracking. We may also use collected information to troubleshoot software, to conduct data analysis, to do testing, research, and to monitor and analyze usage and activity trends to improve and customize the services.
We may collect information about the devices you use to access our services, including hardware details, operating system details, software details, unique device identifiers, serial numbers, device motion information, device location and mobile network information.
As you interact with our services, we collect server logs, which may include information such as device IP address, access dates and times, application pages viewed, app crashes, browser details and other system activities. In addition, we use third-party services such as Google Analytics that collect, monitor and analyze this type of information in order to increase our Services’ functionality. These third-party services providers have their own privacy policies addressing how they use such information.
How we use the information we collect
We use information that we collect to fulfill your requests as part of our service offerings, to communicate with you about our product and services, and to assist with any question you have about our products. This information also helps us maintain the safety and security of our users and the services we provide. The information we collect also contributes to the research and development of existing and future products. Collected information may be used in cooperation with government officials or under process of law or regulation, or as otherwise required in connection with legal proceedings Personal information may be locally stored on your device. IDTRACK does not sell or share your personal information to third parties for direct marketing purposes.
We may use your Personal Information to contact you with newsletters, marketing or promotional materials, and other information that may be of interest to you. You may Opt-Out of receiving any, or all, of the communications from us by following the Unsubscribe link or instructions provided in any email we send, or by emailing email@example.com
We may anonymize your Personal Information. Anonymized information is not considered Personal Information, and we may use and disclose anonymized information for our own business purposes, which include improvement and/or development of our products and services and/or to create statistical reports or materials.
How long we retain your Personal Information
The retention period for information that we collect about you depends on the type of information, as described in further detail below. After the retention period has expired, we will either delete or anonymize your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.
We retain your account information for as long as your account is active, and a reasonable period thereafter for re-use when you decide to reactivate the Services. We also retain your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, and to develop and improve our services. Where we retain information for Service improvement and development, it will be anonymized and used to uncover collective insights about the use of our Services, not to specifically analyze personal characteristics of you.
If the Services are made available to you through your organization (e.g., your employer), we retain information as long as required by your employer under our agreement with your employer as required by the administrator of your account. If your account is deactivated, your information, communications, and actions you may have taken regarding the Services will remain in order to allow your organization to make full use of the Services.
If you have elected to receive marketing emails or other contacts from us, we retain information about your marketing preferences for a reasonable period of time from the date you last expressed interest in our services. Every marketing email we send will provide you with the option to Opt-Out of receiving future emails.
We work with partners who may market, sell, or support our Services. These partners may provide us Personal Information so that we can contact you. We may also receive your Personal Information from advertising, market research, or data enrichment partners whom we engage to identify prospective customers.
Information We Share With Your Consent
We will share personal information with companies, organizations or individuals outside of IDTRACK only when we have your consent to do so. Certain programs that may provide underwritten or subsidized pricing can require the sharing of vehicle, telematics safety data, or other data that we may consider sensitive personal information. We always require opt-in consent for the sharing of any personally identifiable information, but note we may share de-identified and/or aggregated data without your consent.
Information Collected via SMS Short Code
Information collected via SMS short code is not shared with third parties unless we are required to do so in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
A cookie is a small text file that is used to collect information about web site activity. Some of our web pages utilize cookies to recall previous session information provided by a web user. Most browsers allow you to control cookies, including whether or not to accept them and provide details about how to remove them. Many browsers provide an option to notify you if you receive a cookie and allow you the ability to block cookies. Cookies may record information such as Internet domain and host names, user names, Internet protocol (IP) addresses, browser and operating system types, clickstream patterns, and/or dates and times that our site is accessed. Cookies may be used to gather user analytics which will be used to analyze trends and statistics. Users can opt-out of Google Analytics Advertising Features through Ads Settings, Ad Settings for mobile apps, or any other available means (for example, NAI’s consumer opt-out).
Service Providers who may Receive Your Personal Information
We may employ third-party companies and individuals (our “agents”) to facilitate our Services, to provide Services on our behalf, to perform complimentary services and/or to assist us in analyzing how our Services are used. Examples may include compute hosting, storing data, delivering messages, processing payments, analyzing data, providing marketing assistance, and supplementing the information you provide us in order to provide you with better service. We do not transfer data to non-agent third parties. These third parties have access to your Personal Information only to perform specific tasks on our behalf and underwritten obligation to not
Notwithstanding such legal and contractual obligations between us and such service providers, we remain potentially liable for any misuse of your Personal Information. We will only disclose Personal Information when we are required to do so in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
How We Secure Your Information
Whenever information is held within IDTRACK systems, or on its behalf, we take reasonable and appropriate steps to protect the personal information from unauthorized access, disclosure, alteration, or destruction. We employ industry best practices, such as firewalls, encryption and physical security measures in order to prevent unauthorized use of personal information. Access and actions on personal information are restricted to employees of IDTRACK or authorized third-party agents, only when the information is required to perform a specific task, i.e. order processing and fulfillment.
New Uses of your Personal Information
You have control over your Personal Information. Below are the rights you have and steps you can take to exercise them. Please note that your rights may be limited in certain cases: for example, if fulfilling your request would reveal information about another person, or if you ask to delete information for which we or your employer are permitted by law or have compelling legitimate interests to keep, and it may take time for us to investigate your request.
Right to Access – You have a right to request a copy of the Personal Information that IDTRACK holds. To request this information a copy of your Personal Information, please email your request to firstname.lastname@example.org
Right to Removal – You have a right to request the deletion of the Personal Information that IDTRACK holds. To request deletion of your Personal Information, please email your request to email@example.com
Right to Correction – You have a right to request updating or correcting of Personal Information that IDTRACK holds. To request updating or correcting of your Personal Information, please email your request to firstname.lastname@example.org
IDTRACK will endeavor to fulfill all privacy requests in a timely manner. If we deny or are unable to fulfill your request, we will inform you in a timely manner and provide explanation.
Updates to this Policy
We may occasionally update this policy. If we make significant changes, we will notify you of the changes through the application portal or through others means, such as e-mail. By using our services, you consent to our updates to this policy, to the extent permitted under applicable law. We encourage you to periodically review this policy for the latest information with respect to our privacy practices.