Last Update Date: 21 June 2016
EROAD cares about keeping data safe. This policy explains how and why EROAD collects data about its customers and users, what it uses the data for, who it shares it with and customers’ and users’ rights to access the data.
The EROAD Solution helps EROAD Customers with tax management, regulatory compliance and commercial services for commercial vehicles. In order to provide the EROAD Solution, EROAD Limited and its subsidiaries (collectively “EROAD”) must collect data about its Customers’ businesses and those who drive their vehicles in which EROAD Devices are installed (“Drivers”).
EROAD collects data via the EROAD Solution from:
EROAD takes customers’ and users’ data and privacy seriously. EROAD also believes that strong Customer relationships are built on trust and that Customers should be in control of how to use the data that EROAD collects or obtains via the EROAD Solution. With this in mind, EROAD is committed to the following Privacy Principles:
This Data Use and Privacy Statement describes EROAD’s data collection and use practices. It does not apply to any third-party websites, services or applications, even if they are accessible through the EROAD Solution.
Any data that is collected via the features of the EROAD Solution is covered by the Data Use and Privacy Statement in effect at the time such data is collected. EROAD may revise this Data Use and Privacy Statement from time to time. If EROAD makes any material changes to this Data Use and Privacy Statement, EROAD will provide notification of those changes by posting them on the EROAD website, Devices, EROAD Mobile or by other methods, and EROAD will update the “Last Updated Date” above to indicate when those changes will become effective.
The “EROAD Solution” is comprised of the following:
This Data Use and Privacy Statement also describes the data EROAD collects via its corporate website located at eroad.com/us, eroad.co.nz, eroad.com.au and eroadglobal.com.
EROAD’s Devices are connected to Depot. Consequently, on behalf of its Customers, EROAD tracks and collects and/or obtains data continuously from the Devices installed in vehicles. This data includes vehicle speed, location of vehicle, distances travelled, direction of vehicle movement, ignition on/off, harsh acceleration, braking or lateral movements, vehicle registration plate number, serial number of the tracking device, vehicle weight type, refuelling of vehicle, vehicle registration data, data about the behaviour of the Drivers of the vehicles, including hours of service, Drivers’ license information data, Drivers’ employer identification information data, and certain Driver medical and health information.
Subject to this Data Use and Privacy Statement, Customer decides the purposes for which this data is subsequently used and who will have access to the data. If someone other than a Driver is using a Customer’s vehicle, Customer is responsible for informing those individuals about the data that is collected from the vehicle via the Devices and that Customer and EROAD have access to this data.
The Devices and EROAD Mobile automatically upload the data collected or obtained via the Devices and EROAD Mobile to Depot, where is it stored on behalf of EROAD’s Customers. Business Admin Users can log into Depot via their EROAD accounts (and Drivers if they have EROAD accounts), to access and view data that is collected by the Devices and EROAD Mobile. Upon creation of these accounts, EROAD will collect certain PII about the Business Admin Users and Drivers, such as names, email addresses, telephone numbers and, for Drivers, driver license and medical card details. EROAD will use this PII to (i) provide the EROAD Solution to these Business Admin Users, Drivers and Customers and to contact them in connection with their use of the EROAD Solution, (ii) contact these Business Admin Users and Drivers and Customers about the EROAD Solution, (iii) occasionally send data related to the EROAD Solution or related EROAD products/services to 0these Business Admin Users and Drivers and Customers, (iv) provide customer support requested by Customer, Business Admin Users or Drivers, or (v) make Customer, Business Admin Users and Drivers aware of updates to the EROAD Solution (the Collection Purposes). EROAD recommends that Customers, Business Admin Users and Drivers keep their account details confidential and use a password that they do not use elsewhere.
EROAD collects PII and other data from Business Admin Users and Drivers who use EROAD Mobile. Such data includes PII and other data about the Drivers’ use of the Devices and Customers’ vehicles – for example Drivers can log number of driving hours, breaks, rest stops and other driving related activity via EROAD Mobile. EROAD collects certain data that mobile devices send when Business Admin Users and Drivers use EROAD Mobile, like a device identifier, user settings and the operating system of the device, as well as data about use of EROAD Mobile. EROAD also collects and stores data about the location of the Business Admin Users and Drivers using EROAD Mobile by accessing the applicable mobile device’s GPS coordinates or coarse location on the mobile device. EROAD will use the PII collected from EROAD Mobile for the Collection Purposes outlined above.
Customers can pay road tax and other regulatory charges via the EROAD Payment Gateway feature. EROAD will collect financial data from the Customer or Business Admin Users in order to process such payments, together with the payment details.
EROAD collects data from visitors to its website described below under the section entitled “Data Collected Using Cookies and other Web Technologies”. In addition, EROAD may collect some PII from such visitors in order to respond to visitor’s requests, for example, to respond to enquiries about the EROAD Solution.
When Customers and Business Admin Users contact Customer’s EROAD account manager or Customer support teams, or acquire additional services from EROAD, EROAD will collect and use data about Customer’s business. In addition, Customers may be invited to participate in surveys, which will prompt collection of information about Customers’ businesses. EROAD also uses information about Customers and Drivers to offer promotions or information about EROAD products and services which may be of interest to the Customers and Drivers.
Like many website and mobile application operators, EROAD uses automated data collection tools such as Cookies and Web Beacons to collect certain data.
Customer understands that Customer must obtain all applicable permissions from Business Admin Users and Drivers to allow EROAD to obtain, collect and/or use the data, including PII, described in this Data Use and Privacy Statement and that Customer must take reasonable steps to ensure that the Business Admin Users and Drivers are aware of, and have consented to, such obtaining, collection or use of, PII by, EROAD.
Customer can access data on Depot (including PII about Customer’s Drivers) and use it for the following purposes:
EROAD will not share any data and PII that EROAD has collected or obtains via the EROAD Solution except as described below:
All data and PII collected or obtained by EROAD relating to Business Admin Users and Drivers will be available to the applicable Customer via Depot.
EROAD may engage third-party services providers to work with EROAD to administer and provide the EROAD Solution, such as service providers to assist with processing credit card payments. These third-party services providers have access to the data and PII only for the purpose of performing services on EROAD’s behalf.
EROAD may obtain carrier, vehicle, and transportation permit information from, and file reports with, the regulatory authorities, on behalf of Customers in order for the Devices to operate and for the Devices to calculate and pay road taxes and regulatory charges and consequently EROAD will provide applicable Customer data to the regulatory authorities. Drivers and Customers may request that EROAD provides, on the Driver’s or Customer’s behalf, hours of service or vehicle compliance information to regulatory authorities. EROAD may also provide, on request by regulatory authorities, data that is publically available or publically displayed on vehicles including the distance licences, the distance travelled by a vehicle, the distance purchased for a distance license, vehicle type, weight permits and registration number.
EROAD may use and share aggregated data and non-identifying data with third parties for industry research and analysis, demographic profiling and other similar purposes. EROAD may receive consideration from third parties in exchange for sharing such aggregated and non-identifying data with third parties.
Data that EROAD collects or obtains via the EROAD Solution is considered to be a business asset. If EROAD is acquired by a third party as a result of a transaction such as a merger, acquisition or asset sale or if EROAD’s assets are acquired by a third party in the event EROAD goes out of business or enters bankruptcy, some or all of EROAD’s assets, including data and PII, may be disclosed or transferred to a third party acquirer in connection with the transaction.
To comply with the law, EROAD may disclose any data it collects or obtains via the EROAD Solution to government (including regulatory authorities) or law enforcement officials or private parties as EROAD, in its sole discretion, believes necessary or appropriate: (i) to respond to claims, pursuant to legal process (including subpoenas, summons, discovery or disclosure orders or compulsory production orders); (ii) to protect EROAD’s property, rights and safety and the property, rights and safety of a third party or the public in general; and (iii) to stop any activity that EROAD considers illegal, unethical or legally actionable activity.
Business Admin Users or Drivers are not required to provide PII to EROAD. However, if Business Admin Users or Drivers, chose not to supply PII, EROAD may be unable to provide the Customer with the EROAD Solution, Devices or Mobile App.
If Business Admin Users or Drivers believe that EROAD holds PII about them is incorrect, incomplete or inaccurate, then they have the right to request EROAD to amend it. EROAD will consider if the PII requires amendment. If EROAD does not agree that there are grounds for amendment then EROAD will add a note to the PII stating that the Business Admin Users or Driver concerned disagree with it, or otherwise the action it deems appropriate.
The EROAD website does not have the capability to respond to “Do Not Track” signals received from various web browsers.
We regularly conduct independent security testing and our policies and procedures are aligned to internationally accepted control objectives and practices for privacy, security and information systems. EROAD encrypts PII using SSL or other technologies. Please be aware, however, that no method of transmitting data over the Internet or storing data is completely secure. Accordingly, EROAD cannot guarantee the absolute security of any data.
The data described in this Data Use and Privacy Statement, including PII, may be transferred to, and maintained on, computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If Business Admin Users and Drivers are located outside the United States, their PII may be transferred to the United States and processed there.
EROAD stores all data collected from New Zealand and Australian Customers and Drivers on servers located in Australia.
Please contact EROAD’s Privacy Officer at firstname.lastname@example.org if you have any questions about this Data Use and Privacy Statement.
EROAD Limited’s registered office is located at 260 Oteha Valley Rd, Albany, Auckland, New Zealand 0632. EROAD Inc is located at 7618 SW Mohawk St, Tualatin, Oregon, United States 97062.