Privacy Policy
Fleetyr (“we”, “our”) offers a variety of analytic and reporting tools available online, including via a mobile application (collectively, the “Service”), including but not limited to www.fleetyr.com (the “Websites”). As our clients (referred to as “you” or “subscriber”) use the Service and interact with the Websites, Fleetyr collects and processes information from and about you for the purposes of providing you with access to the Service, improve the Service, and interact with you. This Privacy Policy (the “Policy”) describes how Fleetyr collects, uses, and discloses information collected through the Service and Websites, and what choices you have with respect to such information. The first section below explains which privacy terms are applicable to you depending on what type of user you are.
References to “Fleetyr” throughout the Policy mean the Fleetyr acts as the data controller or data processor of your information, as explained in more detail below. If you do not agree with this Policy, do not access or use the Service, Websites, or any other part of Fleetyr’s business.
If you have any questions about this Privacy Policy, please contact Fleetyr by emailing us at privacy@fleetyr.com.
This Privacy Policy contains the following sections:
- Data Privacy
- What Type of User am I and What Privacy Terms are Applicable to Me?
- Privacy Terms for Subscribers
- Privacy Terms for Demo Users
- Privacy Terms for Site Visitors
- Additional Privacy Terms for All Users
- Fleetyr Contact Info
1. Data Privacy
Fleetyr ensure that Data Processing is conducted in accordance with Applicable Law and respects the rights of individuals whose Personal Data are Processed under the Policy.
1.1 Definitions
- Applicable Law(s) means all applicable laws, regulations, and other legal or regulatory requirements in any jurisdiction relating to privacy, data protection/security, or the Processing of Personal Data, including without limitation the Generation Data Protection Regulation, Regulation (EU) 2016/679 (“GDBR”). For the avoidance of doubt, if Fleetyr’s processing activities involving Personal Data are not within the scope of an Applicable Law, such law is not applicable for purposes of this Policy.
- Controller means the owner of sets of data.
- Fleetyr means Fleetyr, its Affiliates, subsidiaries, employees, officers and directors.
- EEA means the European Economic Area, which constitutes the member states of the European Union and Norway, Iceland and Liechtenstein, as well as, for the purposes of this Policy, Switzerland and Ireland.
- Personal Data Breach means the accidental or unlawful destructions, loss, alteration, unauthorised disclosure of, or access to, Personal Data.
- Personal Data includes personal data, personal information and personally identifiable information, and such terms shall have the same meaning as defined by Applicable Law.
- Process and Processing mean any operation or set of operations performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, creating, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination
or otherwise making such data available, alignment or combination, restriction, erasure or destruction. - Processor means the entity who engages in Processing sets of data.
- Standard Contractual Clauses means the annex found in EU Commission Decision of 5 February 2010 on standard contractual clauses for the transfer of Personal Data from the EEA to processors established in third countries under Directive 95/46/EC of the European Parliament and of the European Council, completed as described in the “Data Transfers” section below.
- Subprocessor means any Fleetyr Affiliate or party engaged by Fleetyr for the Processing of Personal Data in connection with the Service.
1.2 Relationship of the Parties
Customer is (or represents that it is acting with the full authority on behalf of) the “Controller”, and Fleetyr is the “Processor”, as such terms (or the equivalent thereof) are defined in Applicable Law, with respect to the Personal Data Processed under the Subscriber Agreement. In some circumstances, Customer may be a Processor, in which case Customer appoints Fleetyr as Customer’s subprocessor, which shall not change the obligations of either Customer or Fleetyr under this Policy.
1.3 Customer’s Instructions to Fleetyr
1.3.1 Purpose Limitation
Fleetyr will not sell Personal Data or otherwise Process Personal Data for any purpose other than for the specific purposes of provision of the Service to the Customer, unless obligated to do otherwise by Applicable Law. In such case, Fleetyr will inform Customer of the legal requirement before the Processing unless legally prohibited from doing so.
1.3.2 Lawful Instructions
Customer will not instruct Fleetyr to Process Personal Data in violation of Applicable Law. Fleetyr has no obligation to monitor the compliance of Customer’s use of the Service with Applicable Law, though Fleetyr will immediately inform Customer if, in Fleetyr’s opinion, an instruction from Customer infringes Applicable Law. This policy, along the Customer’s configuration of the Service (as Customer may be able to modify from time to time) and any features applicable to Customer’s then-current version of the Service, constitute Customer’s complete and final instructions to Fleetyr regarding the Processing of Personal Data, including for purposes of Standard Contractual Clauses.
1.4 Subprocessing
1.4.1 Subprocessors
Customer acknowledges and agrees that Fleetyr’s Affiliates and certain third parties may be retained as Subprocessors to Process Personal Data on Fleetyr’s behalf (under this Policy as well as under the Subscriber Agreement, if they apply) in order to provide the Service. Fleetyr’s third-party Subprocessors may change from time to time. Prior to a Subprocessor’s Processing of Personal Data, Fleetyr will impose contractual obligations on the Subprocessor substantially the same as those imposed on Fleetyr under this Policy. Fleetyr remains liable for its Subprocessors’ performance to the same extent Fleetyr is liable for its own performance.
1.4.2 Notification
Fleetyr will provide Customers notification of new Subprocessors before authorising such Subprocessors to Process Personal Data in connection with the provision of the Service by email, post, message in the Service or advertisement on the Website.
1.4.3 Right to Object
Customer may reasonably object to Fleetyr’s use of a Subprocessor by notifying Fleetyr promptly in writing within ten (10) business days after receipt of Fleetyr’s notice in accordance with the mechanism set out in Section 1.4.2. In its notification, Customer shall explain reasonable grounds for objection. In the event Customer objects to a Subprocessor, Fleetyr will use commercially reasonable efforts to make available to Customer a change in the Service or recommend a commercially reasonable change to Customer’s configuration or use of the Service to avoid Processing of Personal Data by the objected-to new Subprocessor without unreasonably burdening the Customer. If Fleetyr is unable to make available such change within a reasonable period of time, which shall not exceed thirty (30) calendar days, either Party may terminate without penalty the applicable Order Form(s) with respect only to those services which cannot be provided by Fleetyr without the use of the objected-to new Subprocessor by providing written notice to the other Party.
1.4.4 Emergency Replacement
Fleetyr may replace a Subprocessor if the need for the change is urgent and necessary to provide the Service. In such an instance, Fleetyr shall notify Customer of the replacement as soon as reasonably practicable, and Customer shall retain the right to object to the replacement Subprocessor pursuant to Section 1.4.3 above.
1.5 Assistance and Cooperation
1.5.1 Security
Fleetyr will provide reasonable assistance to Customer regarding Customer’s compliance with its security obligations under Applicable Law relevant to Fleetyr’s role in Processing the Personal Data, taking into account the nature of Processing and the information available to Fleetyr, by implementing technical and organisational measures, without prejudice to Fleetyr’s right to make future replacements or updates to the measures that do not lower the level of protection of Personal Data.
Fleetyr will ensure that the persons Fleetyr authorises to Process the Personal Data are subject to written confidentiality agreements or under an appropriate statutory obligation of confidentiality no less protective than the confidentiality obligations set forth in the Subscriber Agreement.
1.5.2 Personal Data Breach Notification and Response
Fleetyr will comply with the Personal Data Breach-related obligations (or Customer Data Incident) directly applicable to it under Applicable Law. Considering the nature of Processing and the information available to Fleetyr, Fleetyr will assist Customer by informing it of a confirmed Personal Data Breach without undue delay or within the time period required under Applicable Law. Fleetyr will notify Customer at the email address detailed in Section 7 for purposes of Personal Data Breach notifications. Any such notification is not an acknowledgement of fault or responsibility. To the extent available, this notification will include Fleetyr’s then-current assessment of the following, which may be based on incomplete information:
-
-
-
- the nature of the Personal Data Breach, including, where possible, the categories and approximate number of data subjects concerned and the categories and approximate number of Personal Data records concerned;
- the likely consequences of the Personal Data Breach; and
- measures taken or proposed to be taken by Fleetyr to address the personal Data Breach, including, where applicable, measures to mitigate its possible adverse effects.
-
-
Fleetyr will not assess the contents of Customer Data in order to identify information subject to any specific legal requirements. Customer is solely responsible for complying with legal requirements for incident notification applicable to Customer and fulfilling any third-party notification obligations related to any Personal Data Breach. Nothing in this Policy shall be construed to require Fleetyr to violate, or delay compliance with, any legal obligation it may have with respect to a Personal Data Breach or other security incidents generally.
1.6 Responding to Individuals Exercising Their Rights Under Applicable Law
To the extent legally permitted, Fleetyr shall promptly notify Customer if Fleetyr received any requests from an individual seeking to exercise any rights afforded to them under Applicable Law regarding their Personal Data, which may include: access, rectification, restriction of Processing, erasure, data portability, objecting to the Processing, or to not be subject to an automated individual decision making process. To the extended Customer, in its use of the Service, does not have the
ability to address a Data Subject Request, Fleetyr shall, upon Customer’s request, provide commercially reasonable efforts to assist Customer in responding to such Data Subject Request, to the extent Fleetyr is legally permitted to do so and the response to such Data Subject Request is required under Applicable Law. To the extent legally permitted, Customer shall be responsible for any costs arising from Fleetyr’s provision of such assistance, including any fees associated with provision of additional functionality.
1.7 Consultation and Compliance with Supervisory or other Regulatory Authorities
Taking into account the nature of the Processing and the information available to Fleetyr, Fleetyr will provide reasonable assistance to and cooperation with Customer for Customer’s performance of any legally required data protection impact assessment of the Processing or proposed Processing of the Personal Data involving Fleetyr, and in consultation with supervisory authorities or other regulatory authorities as required, by providing Customer with any publicly available documentation for the Service or by complying with Section 1.9Audits below. Additional support for data protection impact assessments or relations with regulators may be available and would require mutual agreement on fees, the scope of Fleetyr’s involvement and any other terms that the Parties deem appropriate.
1.8 Data Transfers
Customer authorises Fleetyr and its Subprocessors to make international transfers of the PersonalData in accordance with this Policy so long as Applicable Law for such transfers is respected.
For transfers of Personal Data under this Policy from the EEA to countries which do not ensure an adequate level of data protection within the meaning of Applicable Law of the foregoing territories, to the extent such transfers are subject to such Applicable Law, Fleetyr shall apply an adequate level of data protection that can be understood as reasonable under the territory’s Applicable Law.
1.9 Audits
Fleetyr shall allow for and assist with audits, including inspections, conducted by Customer or another auditor mandated by Customer subject to the following conditions:
-
-
-
- So long as the Subscriber Agreement remains in effect and at Customer’s sole expense, Customer may request that Fleetyr provide it with documentation, data and records (“Records”) no more than once annually relating to Fleetyr’s compliance with this Policy.
- To the extent Customer uses a third-party representative to conduct the Audit, Customer shall ensure that such third-party representative is bound by obligations of confidentiality no less protective than those contained in this Policy.
- Customer shall provide Fleetyr with thirty (30) days prior written notice of its intention to conduct an Audit, unless agreed to in writing by a Fleetyr director, board member or Chief Executive Officer.
- Customer shall conduct its Audit in a manner that will result in minimal disruption to Fleetyr’s business operations and shall not be entitled to receive data or information of other clients of Fleetyr or any other Confidential Information of Fleetyr that is not directly relevant for the authorised purposes of the Audit.
- If any material non-compliance is identified by an Audit, Fleetyr shall take prompt action to correct such noncompliance.
- For the avoidance of doubt, this provision does not grant Customer any rights to conduct an on-site audit of Fleetyr’s premises.
- Customer shall reimburse Fleetyr for any time expended for an Audit at Fleetyr’s then-current consultation rates, which shall be made available to Customer upon request.
-
-
1.10 Return or Destruction of Personal Data
Upon written request from Customer’s authorised representative (which for purposes of this Section is any Customer employee that is either a billing owner, or an Administrator of the Service or who has confirmed in writing that they are authorised to make decisions on behalf of the Customer), Fleetyr shall delete or anonymise such Personal Data in accordance with its requirements under Applicable Law. Notwithstanding the foregoing, this provision will not require Fleetyr to delete Personal Data from archival and back-up files except as provided by Fleetyr’s internal data deletion practices and as required by Applicable Law.
2. What Type of User am I and Which Privacy Terms Are Applicable to Me?
Fleetyr has three different types of users depending on the Fleetyr products used. Please see the bullets below to determine which type of user you are, and the privacy terms applicable to you. It is possible that you may use Fleetyr in different ways. If so, please review all applicable privacy terms.
- Subscribers
We call users who use the Service as part of any tier of a paid Fleetyr subscription plan “Subscribers.” The Service features and functionalities available to Subscribers are determined by the specific terms agreed to between Fleetyr and the organisation (e.g. your employer or another entity or person, called the “Customer”) that entered into a separate agreement that governs delivery, access, and use of the Service (for purpose of this Policy, the “Subscriber Agreement”). The Customer controls its instance of the Service and is the data controller of the information collected through the Service about Subscribers, and Fleetyr is a data processor of such information.
Refer to section 3 for specific privacy terms applicable to Subscribers. - Demo Users
We call users who use a non-paid version of the Service “Demo Users”. While Demo Users can access and use the Service, they have access to a more limited set of Service features and functionality than Subscribers. Fleetyr is the data controller of the information collected through the Service about Demo Users. Refer to section 4 for specific privacy terms applicable to Demo Users. - Site Visitors
We call users of the Websites “Site Visitors.” Site Visitors can be individuals who are simply browsing the Websites but who do not use the Fleetyr Service; or, Site Visitors can be Demo Users or Subscribers who visit the Websites to seek additional information about Fleetyr. Fleetyr is the data controller of the information collected through the Website about Site Visitors. Refer to section 5 for specific privacy terms applicable to Demo Users.
3. Privacy Terms for Subscribers
3.1 Overview
Section 3 of this Policy applies only to Subscribers. If you are a Subscriber, the “Customer Agreement” governs the collection and processing of information collected from you through the Customer’s instance of the Service (e.g. a Customer's organisation or workspace, but for purposes of this Policy referred to as the “Workspace”), including all associated files, projects, conversations, and other content submitted through the Service (“Workspace Content”). In the event of a conflict between this Privacy Policy and the Customer Agreement, the Customer Agreement governs. Because the Customer controls the Workspace used by Subscribers, if you have any questions about the Customer’s specific Workspace settings and privacy practices, please contact the Customer whose Workspace you use. If you are a Subscriber located in the European Union, please note that the Customer is the data controller with respect to the processing of your Workspace Content pursuant to the EU General Data Protection Regulation (“GDPR”). When processing Workspace Content of EU data subjects governed by the Customer Agreement, Fleetyr is the data processor, meaning that we collect and process such information solely on behalf of the Customer.
3.2 Collection and Use of Subscriber Information
This section explains the information we collect from Subscribers. We do not require Subscribers to provide us with information. However, certain information, such as account log-in data, is required to provide you with access to the Service, and other information may be collected automatically as you use the Service.
3.2.1 Workspace Content
Workspace Content is collected, used, and shared by Fleetyr in accordance with the Customer’s instructions, including any applicable terms in the Customer Agreement, or as required by applicable law. The Customer, and not Fleetyr, determines its own, internal policies regarding storage, access, modification, deletion, sharing, and retention of Workspace Content which may apply to your use of the Service. For example, a Customer may provide or remove access to the Service, enable or disable third party integrations, manage permissions, retention and export settings, transfer or assign teams, or share projects. Please check with the Customer about the policies and settings that they have instituted with respect the Workspace Content that you provide when using the Service.
3.2.2 Account Information
To set up your Fleetyr account, you or the Customer will provide us with basic information about you which may include your name, address, telephone number, email address, and password. You may also opt to provide optional profile information, such as a photograph or basic demographic data. With your permission, we may also upload calendar information stored on your mobile device to your account.
3.2.3 Payment Information
If you submit payment information in connection with your use of the Service, we utilise a third-party credit card payment processing company to collect payment information, including your credit card number, billing address, and phone number. In such circumstances, the third-party service provider, and not Fleetyr, stores your payment information on our behalf.
3.2.4 Service Usage Information
As you use the Service, we collect information about how you use and interact with the Service (“Service Usage Information”). Such information includes:
- Device information
When you access the Service using a mobile device, we collect certain device information, including the type of device you are using, its operating system, and mobile network information, which may include your mobile phone number. We may also collect your MAC address and other unique device identifiers. - Log files
When you use the Service, our servers automatically record information in server log files. These log files may include information such as your web request, IP address, browser type and settings, referring/exit pages and URLs, number of clicks, date and time stamp information, language preferences, data from cookies and similar
technologies, and other such information. - Location information
We collect and process general information about the location of the device from which you are accessing the Service (e.g. approximate geographic location inferred from an IP address). - Workspace Use Metadata
When you interact with the Service, metadata is generated that provides high-level (non-content) information about the way you work in your Workspace. For example, we may log the number of Workspaces you work in; the features and embedded Service content you interact with; the types of files you share; and what, if any, third party services and integrations you use. - Other Information
You may provide us with information when you interact with us in other ways, such as when you submit requests or questions to us via forms or email (e.g. support forms, sales forms, user research participation forms); information you provide in connection with Fleetyr contests, or research studies in which you choose to participate; beta testing; and requests for customer support and technical assistance (collectively, “Other Information”). - Information Collected from Third-Party Integrations
If you choose to use or connect to third-party integrations through the Service, or if you are required or permitted to do so by a Customer, such third parties may allow us to have access to and store additional information about your interaction with those services as it relates to your use of the Service. If you initiate these connections, you also understand that we will share information about you that is required to enable your use of the third-party integration through the Service. If you do not wish to have this information shared, do not initiate these connections. By enabling these connections, you authorise us to connect and access the information provided through these connections, and you understand that the privacy policies of these third parties govern such connections.
3.3 How Does Fleetyr Use Subscriber Information?
This section explains how Fleetyr uses information collected from Subscribers.
3.3.2 Workspace Content
Fleetyr may view and use Workspace Content collected from and about Subscribers only as necessary:
- To maintain, provide and improve the Service.
- To prevent or address technical or security issues and resolve support requests.
- To investigate when we have a good faith belief, or have received a complaint alleging, that such Workspace Content is in violation of the Customer Agreement or our User Terms of Service.
- To comply with a valid legal subpoena, request, or other lawful process that meets the requirements of the Customer Agreement.
- As otherwise set forth in our Customer Agreement or as expressly permitted in writing by the Customer.
3.3.2 Account Information, Service Usage Information, Information from Third Party Integrations, and Other Information
Fleetyr may use these categories of information collected from and about Subscribers to:
- Maintain, provide, and improve the Service.
- Respond to your requests for information.
- Prevent or address technical or security issues and resolve support requests.
- Investigate in good faith alleged violations of our User Terms of Service.
- Comply with a valid legal subpoena, request, or other legal requirements.
- Help us better understand user interests and needs, and customise the Service for our users.
- Engage in analysis, research, and reports regarding use of the Service.
- Protect the Service and our users.
- Communicate with you via email and through the Service about important notices and updates regarding the Service, such as to inform you about changes in the Service, our service offerings, and important services-related notices, such as about security and fraud. Because these communications are an important part of the Service, you may not opt out of them.
- In accordance with applicable legal obligations, communicate with you about promotions, offers, and news about Fleetyr. You can unsubscribe from such promotional communications.
- Provide cross-device management of your account. For example, we may locate or try to locate the same unique users across multiple browsers or devices (such as smartphones or tablets), or work with service providers that do this, in order to save your preferences across devices and analyse usage of the Service. If you wish to opt out of the ability of one our service providers, Google Analytics, to locate you across devices in this way, you may install the Google Analytics Opt-out Browser Add-on.
3.4 Sharing of Subscriber Information
In accordance with the applicable Customer Agreement, we may share the information we collect from Subscribers as follows:
3.4.1 Service Providers
We may provide access to or share your information with select third parties that use the information only to perform services on our behalf. These third parties provide a variety of services to us, including without limitation sales, marketing, provision of content and features, analytics, data storage, security, fraud prevention, and other services.
3.4.2 Business Transactions
If the ownership of all or substantially all of our business changes, we may transfer your information to the new owner so that the Service can continue to operate. In such case, your information would remain subject to the promises and commitments contained in this Policy until such time as the acquiring party modifies it. If such transfer is subject to additional mandatory restrictions under applicable laws, Fleetyr will comply with such restrictions.
3.4.3 Consistent with your settings within the Service
Please note that the Workspace Content you submit through the Service may be viewable by other users in your Workspace and within your organisation, depending on the specific settings you and your organisation have selected.
3.5 Aggregate De-Identified Data
We may aggregate and/or de-identify information collected through the Service so that such information can no longer be linked to you or your device (“Aggregate/De-Identified Information”). We may use Aggregate/De-Identified Information for any purpose, including without limitation for research and analytics, and may also share such data with any third parties, including partners, affiliates, services providers, and others.
3.6 Combined Information
We may combine the information that we collect through the Service with information that we receive from other sources, both online and offline, and use such combined information in accordance with this Policy and the Customer Agreement.
3.7 Data Retention
We will retain your information for the period necessary to fulfill the purposes outlined in this Policy unless a longer retention period is required or permitted by law, or where the Customer Agreement requires or permits specific retention or deletion periods.
3.8 Data Subject Rights
Please contact your Workspace owner(s) or administrator(s) to exercise any data subject rights you have under applicable local laws, including your ability to access, delete, rectify, transfer, or object under the GDPR.
4. Privacy Terms for Demo Users
4.1 Overview
Section 3 of this Policy applies only to Demo Users of the Service. If you are a Demo User located in the European Union, Fleetyr is the data controller with respect to the processing of your personal data pursuant to the GDPR.
4.2 Collection and Use of Demo User Information
This section explains how we collect, process, and use the information collected from Demo Users. We do not require Demo Users to provide us with information. However, certain information, such as account log-in data, is required to provide you with access to the Service, and other information may be collected automatically as discussed below.
4.2.1 Information You Provide to Fleetyr
Fleetyr collects the following information submitted directly through the Service by Demo Users:
- Information you provide as part of your account registration with Fleetyr, which may include your name, organisation name, address, telephone number, email address, username and password; optional information that you may choose to provide, such as a photograph or basic demographic data; and, with your permission, calendar information stored on your mobile device that you may elect to upload to your account (collectively, the “Account Information”); and
- Information you provide in other interactions with us, such as requests or questions you submit to us via forms or email (e.g., support forms, sales forms, user research participation forms), information you provide in connection with Fleetyr sweepstakes, contests, or research studies in which you choose to participate; beta testing; and requests for customer support and technical assistance (collectively, “Other Information”).
4.2.2 Service Usage Information
As you use the Service, we collect a variety of information about how you use and interact with the Service (“Service Usage Information”). Such information includes:
- Device information
When you access the Service using a mobile device, we collect certain device information, including the type of device you are using, its operating system, and mobile network information, which may include your mobile phone number. We may also collect your MAC address and other unique device identifiers. - Log files
When you use the Service, our servers automatically record certain information in server log files. These log files may include information such as your web request, IP address, browser type and settings, referring / exit pages and URLs, number of clicks, date and time stamp information, language preferences, data from cookies and similar technologies, and other such information. - Location information
We collect and process general information about the location of the device from which you are accessing the Service (e.g., approximate geographic location inferred from an IP address). - Workspace Use Metadata
When you interact with the Service, metadata is generated that provides high-level (non-content) information about the way you work in your Workspace. For example, we may log the number of Workspaces you work in; the number of tasks to which you are assigned; the features and embedded Service content you interact with; the types of files you share; and what, if any, third party services and integrations you use.
4.2.3 Information Collected from Third Party Integrations
If you choose to use or connect to third-party integrations through the Service, such third parties may allow us to have access to and store additional information about your interaction with those services as it relates to your use of the Service. Moreover, if you initiate these connections, you also understand that we will share information about you that is required to enable your use of the third-party integration through the Service. If you do not wish to have this information shared, do not
initiate these connections. By enabling these connections, you authorise us to connect and access the information provided through these connections, and you understand that the privacy policies of these third parties govern such connections.
4.2.4 Information Collected from Other Third Parties
Fleetyr may receive additional information about you, such as demographic information, from affiliates under common ownership and control, and from third parties, such as business partners, marketers, researchers, analysts, and other parties that we may use to supplement the information that we collect directly from you.
4.3 Use of Demo User Information
Fleetyr may use the information collected from Demo Users to:
- Maintain, provide, and improve the Service.
- Respond to your requests for information.
- Prevent or address technical or security issues and resolve support requests.
- Investigate in good faith alleged violations of our User Terms of Service.
- Comply with a valid legal subpoena, request, or other legal requirements.
- Help us better understand user interests and needs, and customise the Service for our users.
- Engage in analysis, research, and reports regarding use of the Service.
- Protect the Service and our users.
- Communicate with you via email and through the Service about important notices and updates regarding the Service, such as to inform you about changes in the Service, our service offerings, and important services-related notices, such as about security and fraud. Because these communications are an important part of the Service, you may not opt out of them.
- In accordance with applicable legal obligations, communicate with you about promotions, offers, and news about Fleetyr. You can unsubscribe from such promotional communications.
- Provide cross-device management of your account. For example, we may locate or try to locate the same unique users across multiple browsers or devices (such as smartphones or tablets), or work with service providers that do this, in order to save your preferences across devices and analyse usage of the Service. If you wish to opt out of the ability of one our service providers, Google Analytics, to locate you across devices in this way, you may install the Google Analytics Opt-out Browser Add-on.
4.4 Legal Bases for Use of Your Information
If you are located in the EU, please note that the legal bases under the EU General Data Protection Regulation (“GDPR”) for using the information we collect through your use of the Service as a Demo User are as follows:
- Where use of your information is necessary to perform our obligations under a contract with you (for example, to comply with the User Terms of Service which you accept by using the Service)
- Where use of your information is necessary for our legitimate interests or the legitimate interests of others (for example, to provide security for our Service; operate our Service; prevent fraud, analyse use of and improve our Service, and for similar purposes)
- Where use of your information is necessary to comply with a legal obligation
- Where we have your consent to process data in a certain way
4.5 Sharing of Demo User Information
We share the information we collect through the Service about Demo Users with the following:
4.5.1 Service Providers
We may provide access to or share your information with select third parties that use the information only to perform services on our behalf. These third parties provide a variety of services to us, including without limitation sales, marketing, provision of content and features, advertising, analytics, research, data storage, security, fraud prevention, and other services.
4.5.2 Business Transfers
If the ownership of all or substantially all of our business changes, we may transfer your information to the new owner so that the Websites can continue to operate. In such case, your information would remain subject to the promises and commitments contained in this Policy until such time as this Policy is updated or amended by the acquiring party upon notice to you. If such transfer is subject to additional mandatory restrictions under applicable laws, Fleetyr will comply with such restrictions.
4.5.3 Consent
We may disclose your information to third parties with your consent to do so.
4.5.4 Consistent with your settings within the Service
Please note that the Workspace Content you submit through the Service may be viewable by other users in your Workspace, depending on the specific settings you have selected.
4.6 Aggregate De-Identified Data
We may aggregate and/or de-identify information collected through the Service so that such information can no longer be linked to you or your device (“Aggregate/De-Identified Information”). We may use Aggregate/De-Identified Information for any purpose, including without limitation for research and marketing purposes, and may also share such data with any third parties, including advertisers, promotional partners, sponsors, event promoters, and/or others.
4.7 Combined Information
For the purposes discussed in this Policy, we may combine the information that we collect through the Service with information that we receive from other sources, both online and offline, and use such combined information in accordance with this Policy.
4.8 Data Retention
We will retain your information for the period necessary to fulfilthe purposes outlined in this Policy unless a longer retention period is required or permitted by law.
4.9 Data Subject Rights
Local legal requirements (such as those in the EU) may afford you additional rights. If you would like further information in relation to your legal rights under applicable law or would like to exercise any of them, please contact us using the information in the “Fleetyr Contact Info” section below at any time. Your local laws (such as those in the EU) may permit you to request that we:
- provide access to and/or a copy of certain information we hold about you;
- prevent the processing of your information for direct-marketing purposes (including any direct marketing processing based on profiling);
- update information which is out of date or incorrect;
- delete certain information which we are holding about you;
- restrict the way that we process and disclose certain of your information;
- transfer your information to a third party provider of services; and
- revoke your consent for the processing of your information
We will consider all requests and provide our response within the time period stated by applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. We may request you provide us with information necessary to confirm your identity before responding to your request.
5. Privacy Terms for Site Visitors
5.1 Overview
Section 5 of this Policy applies only to Site Visitors. If you visit the Websites, regardless of whether you are also a user of the Service, the following rules apply to you. To eliminate any confusion, please note that the terms in this section apply only to use of Fleetyr’s Websites, not to use of the Service. If you are a Site Visitor located in the European Union, Fleetyr is the data controller with respect to the processing of your personal data pursuant to the GDPR.
5.2 Collection and Use of Site Visitor Information
5.2.1 Information Collected from Site Visitors
When you use the Websites, we collect the following information about you:
5.2.1.1 Contact Information
If you submit a request for information or a question through the Websites, you may be asked to provide us with basic information including your name, email address, phone number, and postal address. We will also keep records of the communication, the question/request you raised, and how it was resolved. If you choose to participate in a Fleetyr contest, or research study offered through the Websites, we will also collect basic contact information from you in connection with such activity.
5.2.1.2 Websites Usage Information
As you browse the Websites, we and our service providers (which are third party companies that work on our behalf to provide and enhance the Websites) use a variety of technologies, including cookies and similar tools, to assist in collecting information about how you use the Websites. For example, our servers automatically record certain information in server logs. These server logs may include information such as your web request, IP address, browser type and settings, referring / exit pages and URLs, number of clicks and how you interact with links on the Websites, domain names, landing pages, pages viewed, mobile carrier, mobile device identifiers and information about the device you are using to access the Websites, date and time stamp information and other such information.
5.2.1.3 Location Information
We collect and process general information about the location of the device from which you are accessing the Service (e.g. approximate geographic location inferred from an IP address).
5.3 Cookies and Similar Technologies
To collect the Websites Usage Information discussed above, we and our service providers use Internet server logs, cookies, tags, SDKs, tracking pixels, and other similar tracking technologies. A web server log is a file where website activity is stored. An SDK is a section of code that we embed in our applications and software to allow third parties to collect information about how users interact with the Websites. A cookie is a small text file that is placed on your computer or mobile device
when you visit a site, that enables us to:
-
-
- recognise your computer and login session;
- store your preferences and settings;
- understand which pages of the Websites you have visited;
- enhance your user experience by delivering and measuring the effectiveness of content and advertising tailored to your interests;
- perform analytics; and
- assist with security and administrative functions
-
Tracking pixels (sometimes referred to as web beacons or clear GIFs) are tiny electronic tags with a unique identifier embedded in websites, online ads and/or email, and that are designed to provide usage information like ad impressions or clicks, email open rates, measure popularity of the Websites and associated advertising, and to access user cookies. As we adopt additional technologies, we may also gather information through other methods. Please note that you can change your settings to notify you when a cookie is being set or updated, or to block cookies altogether. Please consult the “Help” section of your browser for more information (e.g., Internet Explorer; Google Chrome; Mozilla Firefox; or Apple Safari).
5.4 Use of Information Collected from Site Visitors
We use the information collected from Site Visitors for a variety of purposes including to:
- Maintain, provide, and improve the Websites and the Service.
- Respond to your requests for information.
- In accordance with applicable legal obligations, communicate with you about promotions, offers, and news about Fleetyr. You can unsubscribe from such promotional communications.
- Prevent or address technical or security issues.
- Investigate in good faith alleged violations of our User Terms of Service.
- Help us better understand Site Visitor interests and needs, and customise the advertising and content you see on the Websites.
- Engage in analysis and research regarding use of the Websites and the Service.
5.5 Legal Bases for Use of Your Information
If you are located in the EU, please note that the legal bases under the GDPR for using the information we collect through your use of the Websites as a Site Visitor are as follows:
- Where use of your information is necessary to perform our obligations under a contract with you (for example, to comply with the User Terms of Service which you accept by browsing the Websites)
- Where use of your information is necessary for our legitimate interests or the legitimate interests of others (for example, to provide security for our Websites; operate our Websites; prevent fraud, analyse use of and improve our Websites, and for similar purposes)
- Where use of your information is necessary to comply with a legal obligation
- Where we have your consent to process data in a certain way
5.6 Aggregate/De-Identified Data
We may aggregate and/or de-identify information collected through the Websites so that such information can no longer be linked to you or your device (“Aggregate/De-Identified Information”). We may use Aggregate/De-Identified Information for any purpose, including without limitation for research and marketing purposes, and may also share such data with any third parties, including advertisers, promotional partners, sponsors, event promoters, and/or others.
5.7 Combined Information
You agree that, for the purposes discussed in this Policy, we may combine the information that we collect through the Websites with information that we receive from other sources, both online and offline, and use such combined information in accordance with this Policy. If, however, the collection of any information about you is governed by a Customer Agreement, information will only be combined and used in accordance with such Customer Agreement and the sections of this Policy applicable to Subscribers.
5.8 Website Analytics
5.8.1 Website Analytics
We may use third-party web analytics services on our Websites to collect and analyse usage information through cookies and similar tools; engage in auditing, research, or reporting; and provide certain features to you. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on.
5.8.2 Third Parties
Third parties, whose products or services are accessible or advertised via the Websites, may also place cookies or other tracking technologies on your computer, mobile phone, or other device to collect information about you as discussed above.
We neither have access to, nor does this Policy govern, the use of cookies or other tracking technologies that may be placed on your device you use to access the Websites by such non-affiliated third parties. We do not control opt-out links or whether any company chooses to participate in these opt-out programs. We are not responsible for any choices you make using these mechanisms or the continued availability or accuracy of these mechanisms.
Notice Concerning Do Not Track Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. We are committed to providing you with meaningful choices about the information collected on our Websites for third party purposes. However, we do not currently recognise or respond to browser-initiated DNT signals.
5.9 Sharing of Site Visitor Information
We share the information we collect through the Websites with the following:
5.9.1 Service Providers
We may provide access to or share your information with select third parties that use the information only to perform services on our behalf. These third parties provide a variety of services to us, including without limitation sales, marketing, provision of content and features, advertising, analytics, research, data storage, security, fraud prevention, and other services.
5.9.2 Business Transfers
If the ownership of all or substantially all of our business changes, we may transfer your information to the new owner so that the Websites can continue to operate. In such case, your information would remain subject to the promises and commitments contained in this Policy until such time as this Policy is updated or amended by the acquiring party upon notice to you. If such transfer is subject to additional mandatory restrictions under applicable laws, Fleetyr will comply with such restrictions.
5.9.3 Public Forums
The Websites may make it possible for you to upload and share comments or feedback publicly with other users. Any information that you submit through such public features is not confidential, and Fleetyr may use it for any purpose (including in testimonials or other Fleetyr marketing materials). Any information you post openly in these ways will be available to the public at large and potentially accessible through third-party search engines. Such information can be read, collected and/or used by other users, and it could be used to send you unsolicited messages. Accordingly, please take care when using these features of the Websites.
5.9.4 Consent
We may also disclose your information to third parties with your consent to do so.
5.10 Retention of Your Information
We will retain your information for the period necessary to fulfill the purposes outlined in this Policy unless a longer retention period is required or permitted by law.
5.11 Data Subject Rights
Local legal requirements (such as those in the EU) may afford you additional rights. If you would like further information in relation to your legal rights under applicable law or would like to exercise any of them, please contact us using the information in the “Fleetyr Contact Info” section below at any time. Your local laws (such as those in the EU) may permit you to request that we:
- provide access to and/or a copy of certain information we hold about you;
- prevent the processing of your information for direct-marketing purposes (including any direct marketing processing based on profiling);
- update information which is out of date or incorrect;
- delete certain information which we are holding about you;
- restrict the way that we process and disclose certain details of your information;
- transfer your information to a third party provider of services; and
- revoke your consent for the processing of your information.
We will consider all requests and provide our response within the time period stated by applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. We may request you provide us with information necessary to confirm your identity before responding to your request.
5.12 Third Party Links and Services
The Websites may contain links to third-party websites and functionalities. If you choose to use these third-party services, you may disclose your information not just to those third parties, but also to their users and the public more generally depending on how their services function. Because these third-party websites and services are not operated by Fleetyr, Fleetyr is not responsible for the content or practices of those websites or services. The collection, use, and disclosure of your information will be subject to the privacy policies of the third-party websites or services, and not this Policy. We urge you to read the privacy and security policies of these third parties.
6. Additional Privacy Terms for All Users
The following additional information about Fleetyr’s privacy practices apply to all users of Fleetyr (Subscribers, Demo Users, and Site Visitors).
6.1 Applicable Law
We collect, hold, use and disclose personal information to carry out our functions or activities under the:
- Australian Information Commissioner Act 2010 (AIC Act);
- the Privacy Act 1988 (Privacy Act); and
- the Freedom of Information Act 1982 (FOI Act).
6.2 Changes To Our Privacy Policy
We reserve the right to amend this Policy at any time to reflect changes in the law, our data collection and use practices, the features of our Service or Websites, or advances in technology. We will make the revised Policy accessible through the Service and Websites, so you should review the Policy periodically. If we make a material change to the Policy, we will comply with applicable legal requirements regarding providing you with notice and/or consent.
6.3 How We Protect Your Information
Fleetyr takes technical and organisational measures to protect your information against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access. However, no method of transmission over the Internet, and no means of electronic or physical storage, is absolutely secure, and thus we cannot ensure or warrant the security of that information.
6.4 Marketing Practices and Choices
If you receive email from us, we may use certain analytics tools, such as clear GIFs, to capture data such as when you open our message or click on any links or banners our email contains. This data allows us to gauge the effectiveness of our communications and marketing campaigns. You may instruct us not to use your contact information to contact you by email, postal mail, or phone regarding products, services, promotions and special events that might appeal to your interests by contacting us at the “Fleetyr Contact Info” section below. In commercial email messages, you can also opt out by following the instructions located at the bottom of such emails. Please note that, regardless of your request, we may still use and share certain information as permitted by this Policy or as required by applicable law. For example, you may not opt out of certain operational or service-related emails, such as those reflecting our relationship or transactions with you.
7. Fleetyr Contact Info
Fleetyr is located in Queensland, Australia. If you wish to contact us or have any questions about or complaints in relation to this Policy, please contact us at privacy@fleetyr.com or mail to PO Box 876, Redbank Plains, Qld 4301.