Privacy Notice
We at Autofleet ("Autofleet" – as more fully detailed below, "us", "we", or "our") recognize and respect the importance of maintaining your privacy. This Privacy Notice describes the types of information we collect from you when you use any of the services offered by Autofleet (collectively, the "Services") as follows:
- If you are a representative of one of our customers ("Fleet Operator" and "Customer", respectively) using our vehicle and fleet management web platform ("Platform") to manage the Customer's fleet;
- If you are a driver or field agent ("Driver") using our Driver App ("Driver App") in connection with a Customer's fleet;
- If you are a passenger ("Passenger") using our Passenger App ("Passenger App") to order and pay for rides offered by one of our Customers.
This Privacy Notice also explains how we process, transfer, store and disclose the information collected, as well as your ability to control certain uses of the collected information. "You" means any adult who is a Fleet Operator, Driver, or Passenger.
The applicable Customer is the data controller with respect to the processing of your Personal Data (defined below). Autofleet serves as a data processor of your Personal Data on behalf of the applicable Customer. Depending on the Autofleet entity that the Customer contracts with, Autofleet can be Autofleet Systems Ltd., with registered office is Hamelacha 3 , Tel Aviv-Yafo, Israel and our registration number is 515754224, Autofleet Inc. or Jidofleet PTE. Support services, if provided, are provided by the Autofleet entity the Customer has contracted with together with Autofleet Systems Ltd.
If you are an individual located in the European Union ("EU Individual"), some additional terms and rights may apply to you, as detailed herein.
"Personal Data" means any information that refers, is related to, or is associated with an identified or identifiable individual or as otherwise may be defined by applicable law.
Privacy Notice Key Points
The key points listed below are presented in further detail throughout this Privacy Notice. You can click on the headers in this section in order to find out more information about any topic. These key points do not substitute the full Privacy Notice.
1. Personal Data We Collect and How We Use It.
2. Use for Analytics.
3. Sharing the Personal Data We Collect.
4. International Transfer.
5. Security.
6. Your Rights - How to Access and Limit Use of Certain Personal Data. 7. Data Retention.
8. Cookies and Similar Technologies.
9. Third-Party Applications and Services.
10. Communications.
11. Children.
12. Changes to the Privacy Notice.
13. Comments and Questions.
***
1. Personal Data We Collect and How We Use It. When we collect and use your Personal Data, we do so solely for the purpose of providing services to the applicable Customer. As such, our processing activities are solely at the applicable Customer's instructions and under its control. You have no legal obligation to provide us with Personal Data, but if you refuse to provide such Personal Data we may not be able to register you to the Platform.
1.1. Fleet Operators. If you are using the Platform as a Fleet Operator or Partner on behalf of a Customer, we will collect your name, phone number, and (work) email address. We use this Personal Data in order to identify you, authenticate your account, and provide you with access to the Platform and Services available thereon.
1.2. Drivers/Field Agents using the Driver App. If you are using the Driver App, we collect basic Personal Data, such as your name, phone number, in order to identify you and allow you to access the Driver App, along with a photograph of you, which is included as part of your profile. We also collect information about your usage of the Driver App, such as the times during which you are driving. You may also choose to add your address, which may help us provide you with better Services. In addition, we collect your location data, which allows us to provide certain functionalities within the Driver App. We cannot collect precise geo-location data without your consent. Finally, we automatically collect your device ID and data about your interaction with the Driver App, such as buttons clicked and screens viewed, which we use on an aggregate basis for analytics purposes.
1.3. Passengers. If you are a Passenger of one of our Customers, whether or not you use the Passenger App, we will collect certain Personal Data about you, such as details of your ride (pick-up and drop off locations, vehicle details, details of the relevant Driver of your ride). If you use the Passenger App, you can create a profile and enter your full name, email address, phone number, and a profile photo or image. Certain profile information may be optional. We use this information in order to provide you with Servicesthrough the Passenger App. To order a ride, you can input your desired pick-up and drop off locations manually or may choose to allow us to collect your exact geo-location, which we will only do with your consent. In order to pay for rides through the Passenger App, you may be required to provide your credit card details, which will be handled by a third-party payment processor. We will receive a reference to the card that includes the expiration date and the last four digits of the card number as well as other information, such as the outstanding balance and promo codes associated with your account.
2. Use for Analytics. We and/or our service providers use analytics tools, including "Google Analytics" to collect and analyze information about the use of the Platform, Apps, and Services. By analyzing the information we receive, we may compile statistical information across a variety of platforms and users, which helps us improve our Platform, Apps, and Services, understand trends and customer needs and consider new products and services, and tailor existing products and services to customer desires. The information we collect is anonymous and aggregated and we will not link it to any Personal Data. We may share such anonymous information with our partners, without restriction, on commercial terms that we can determine in our sole discretion. You can find more information about how
Google collects information and how you can control such use at https://policies.google.com/technologies/partner-sites.
3. Sharing the Personal Data We Collect. We share your information, including Personal Data, as follows:
3.1. Customers. We share information, including your Personal Data, with the relevant Customer that acts as a controller of your Personal Data.
3.2. Service Providers, and Subcontractors. We disclose information, including Personal Data we collect from and/or about you, to our trusted service providers and subcontractors, who have agreed to confidentiality restrictions and who use such information solely on our behalf in order to: (1) help us provide you with the Platform and/or Services; and (2) aid in our understanding of how users are using our Platform and/or Services.
Such service providers and subcontractors provide us with IT and system administration services, data backup, security, and storage services, payment processing services, data analytics services, and assist us in authenticating users, including by sending messages via SMS or email.
3.3. Law Enforcement Related Disclosure. We may share your Personal Data with third parties: (i) if we believe in good faith that disclosure is appropriate to protect our or a third party's rights, property or safety (including the enforcement of this Privacy Notice); (ii) when required by law, regulation subpoena, court order or other law enforcement related issues, agencies and/or authorities; or (iii) as is necessary to comply with any legal and/or regulatory obligation.
3.4. Legal Uses. We may use your Personal Data as required or permitted by any applicable law, for example, to comply with audit and other legal requirements.
4. International Transfer.
4.1. We use subcontractors and service providers who are located in countries other than your own and send them information we receive (including Personal Data). We conduct such international transfers for the purposes described above. We will ensure that these third parties will be subject to written agreements ensuring the same level of privacy and data protection as set forth in this Privacy Notice, including appropriate remedies in the event of the violation of your data protection rights in such third country.
4.2. Whenever we transfer your Personal Data to third parties based outside of the European Economic Area ("EEA") and when required under applicable law, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
4.2.1. We will only transfer your Personal Data to countries that have been deemed to provide an adequate level of protection for Personal Data by the European Commission.
4.2.2. Where we use certain service providers not located in countries with an
adequate level of protection as determined by the European Commission, we may use specific contracts approved by the European Commission which give Personal Data the same protection it has in the EEA.
4.3. Please contact us at hey@autofleet.io if you would like further information on the specific mechanism used by us when transferring your Personal Data out of the EEA.
5. Security. We have implemented and maintain appropriate technical and organization security measures, policies and procedures designed to reduce the risk of accidental destruction or loss, or the unauthorized disclosure or access to Personal Data appropriate to the nature of such data. The measures we take include:
5.1. Safeguards – The physical, electronic, and procedural safeguards we employ to protect your Personal Data include secure servers, firewalls, antivirus, and SSL encryption of data.
5.2. Access Control – We dedicate efforts for a proper management of system entries and limit access only to authorized personnel on a need to know basis of least privilege rules, review permissions quarterly, and revoke access immediately after employee termination.
5.3. Internal Policies – We maintain and regularly review and update our privacy related and information security policies.
5.4. Personnel – We require new employees to sign non-disclosure agreements according to applicable law and industry customary practice.
5.5. Encryption – We encrypt the data in transit using secure TLS 1.2 protocols.
5.6. Database Backup – Our databases are backed up on a periodic basis for certain data and are verified regularly. Backups are encrypted and stored within the production environment to preserve their confidentiality and integrity, are tested regularly to ensure availability, and are accessible only by authorized personnel.
5.7. However, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
5.8. As the security of information depends in part on the security of the computer you use to communicate with us and the security you use to protect user IDs and passwords, please take appropriate measures to protect this information.
6. Your Rights - How to Access and Limit Use of Certain Personal Data. Subject to applicable law and certain exemptions, and in some cases dependent upon the processing activity we are undertaking, you have certain rights in relation to the Personal Data that we hold about you on behalf of the Customer, as detailed below. The applicable Customer, as the data controller, is responsible for compliance with your requests. For any requests to exercise such rights, please contact the Customer directly. If you submit a request to us, we will refer your request to the applicable Customer and may not answer you directly.
6.1. Right of Access. You have a right to know what Personal Data we collect about you and, in some cases, to have such Personal Data communicated to you. Subject to applicable law, you may be charged with a fee.
6.2. Right to Data Portability. If the processing is based on your consent or performance of a contract with you and processing is being carried out by automated means, you may be entitled to receive a copy of the Personal Data you provided to us in a structured, commonly-used, and machine-readable format.
6.3. Right to Correct Personal Data. Subject to the limitations in applicable law, you may request that inaccurate, incomplete, or outdated Personal Data be updated, completed, corrected, or deleted.
6.4. Deletion of Personal Data ("Right to Be Forgotten"). If you are an EU Individual, you have a right to request that your Personal Data be deleted if either: (i) it is no longer needed for the purpose for which it was collected, (ii) processing was based on your consent and you have withdrawn your consent, (iii) you have successfully exercised your Right to Object (see below), (iv) processing was unlawful, or (v) it is required to be erased for compliance with a legal obligation. We cannot restore information once it has been deleted. Please note that to ensure that we do not collect any further Personal Data, you should also delete our Driver or Passenger App from your mobile devices and clear our cookies from any device where you have used our Platform. We may retain certain Personal Data (including following your request to delete) for audit and record-keeping purposes, or as otherwise permitted and/or required under applicable law.
6.5. Right to Restrict Processing. If you are an EU Individual, you can request that processing of your Personal Data be deleted if either: (i) you have contested its accuracy and wish to limit processing until this is verified; (ii) the processing is unlawful, but you do not wish have the Personal Data erased; (iii) it is no longer needed for the purposes for which it was collected, but we or the Customer still need it to establish, exercise, or defend of a legal claim; (iv) you have exercised your Right to Object (below) and the legitimate grounds for processing is being verified. Processing may continue after a restriction request under certain circumstances.
6.6. Right to Object. If you are an EU Individual, you can object to any processing of your Personal Data which has legitimate interests as its legal basis, if you believe your fundamental rights and freedoms outweigh the legitimate interests. If you raise an objection, the Customer will have an opportunity to demonstrate that it has a compelling legitimate interest that overrides your rights and freedoms.
6.7. Withdrawal of Consent. You may withdraw your consent in connection with any processing of your Personal Data based on a previously granted consent. This will not affect the lawfulness of any processing prior to such withdrawal.
6.8. Right to Lodge a Complaint with Your Local Supervisory Authority. If you are an EU Individual, you may have the right to submit a complaint to the relevant supervisory data protection authority if you have any concerns about how your Personal Data is being processed, though we ask that as a courtesy you please attempt to resolve any issues with us or the applicable Customer first.
7. Data Retention.
7.1. Subject to applicable law, we retain Personal Data as necessary for the purposes set forth above and in accordance with the instructions of the applicable Customer. We may delete information from our systems without notice to you once we deem it is no longer necessary for these purposes. Retention by any of our processors may vary in accordance with the processor's retention policy.
7.2. In some circumstances, we may store your Personal Data for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax, audit, accounting requirements and so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your Personal Data or dealings. In such case, our legal basis for processing your Personal Data will be our legitimate interest.
7.3. Please contact us at hey@autofleet.io if you would like details regarding the retention periods for different types of your Personal Data.
8. Cookies and Similar Technologies. We use cookies and similar technologies for a number of reasons, including to help personalize your experience. When visiting this Platform, you shall be notified of the use of and placement of cookies and other similar technologies on your device as specified herein.
8.1. What are Cookies? A cookie is a small piece of text that is sent to a user's browser or device. The browser provides this piece of text to the device of the originating user when this user returns.
8.1.1. A "session cookie" is temporary and will remain on your device until you leave the Platform.
8.1.2. A "persistent" cookie may be used to help save your settings and customizations across visits. It will remain on your device until you delete it.
8.1.3. First-party cookies are placed by us, while third-party cookies may be placed by a third party. We use both first- and third-party cookies.
8.1.4. We may use the terms "cookies" to refer to all technologies that we may use to store data in your browser or device or that collect information or help us identify you in the manner described above, such as web beacons or "pixel tags".
8.2. How We Use Cookies. We use cookies and similar technologies for a number of reasons, as specified below. We will not place any cookies on your browser or mobile App that are not strictly necessary unless you have first consented to the cookie pop up.
The specific names and types of the cookies, web beacons, and other similar technologies we use may change from time to time. However, the cookies we use generally fall into one of the following categories:
Type of Cookie | Why We Use These Cookies |
Security | These cookies can help us identify and prevent security risks. They may be used to store your session information to prevent others from changing your password without your login information. |
Analytics | These cookies collect information regarding your activity on our Platform and Apps to help us learn more about which features are popular with our users and how our Services can be improved. |
8.3. How to Adjust Your Preferences. Most Web browsers or mobile devices are initially configured to accept cookies, but you can change this setting so your browser either refuses all cookies or informs you when a cookie is being sent. In addition, you are free to delete any existing cookies at any time. Please note that some features of the Services may not function properly when cookies are disabled or removed. For example, if you delete cookies that store your account information or preferences, you will be required to input these each time you visit.
9. Third-Party Applications and Services. All use of third-party applications or services is at your own risk and subject to such third party's terms and privacy policies.
10. Communications. We reserve the right to send you service-related communications, including service announcements and administrative messages as part of the Services we provide, without offering you the opportunity to opt out of receiving them. Should you not wish to receive such communications, you may terminate your use of the Services.
11. Children. We do not knowingly collect Personal Data from children under the age of sixteen (16). In the event that you become aware that an individual under the age of sixteen (16) has enrolled to use our Services without parental permission, please advise us immediately.
12. Changes to the Privacy Notice. We may update this Privacy Notice from time to time to keep it up to date with legal requirements and the way we operate our business, and we will place any updates on this webpage. Please come back to this page every now and then to make sure you are familiar with the latest version. If we make material changes to this Privacy Notice, we will seek to inform you by notice through the Platform or via email.
13. Comments and Questions. If you have any comments or questions about this Privacy Notice, please contact us at hey@autofleet.io.
Last updated: April 2024