Transtrack International BV/Transtrack Services BV (”we”) are committed to protecting and respecting your privacy.

This notice together with our terms and conditions (available upon request) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. This Privacy Policy shall be governed by and construed under and in accordance with Dutch Law.

For the purposes of data protection legislation in force from time to time, the data controller is Transtrack International BV/Transtrack Services BV, Science Park 400, 1090 XH Amsterdam, The Netherlands.

What information we collect

We collect a variety of information that you provide directly to us. In general, we collect information from you through:

• Direct contact;
• Signing up for email updates;
• Submitting requests or questions to us via forms or email;
• Requesting customer support and technical assistance.

The types of data we collect directly from you include:

• Name, job title, and work-related address, telephone number and email address;
• Information about your customer service and maintenance interactions with us;
• Information you provide to us in connection with any interaction with us, including, for example, current job information, geographic area, educational and work experience and other information;
• Publicly available information from third parties about you in connection with any interactions with us (LinkedIn, for instance);
• Any other information you choose to directly provide to us in connection with your use of our products and/or services.

We collect information about you to carry out our core business and ancillary activities.

How do we use this information?

We process the data listed above for the following purposes:

• As required to establish and fulfill a contract with you, for example, if you make a purchase from us or enter into an agreement to provide or receive services;
• To comply with applicable law and regulation;
• In accordance with our legitimate interests in protecting Transtrack’s legitimate business interests and legal rights, including but not limited to, use in connection with legal claims, compliance, regulatory and investigative purposes (including disclosure of such information in connection with legal process or litigation);
• With your express consent to respond to any comments or complaints we may receive from you, and/or in accordance with our legitimate interests including to investigate any complaints received from you or from others, about our website or our products and/or services;
• We may use information you provide to personalize (i) our communications to you; (ii) our website; and (iii) products and/or services for you in accordance with our legitimate interests;
• To monitor use of our website, products and/or services. We may use your information to help us check, improve and protect our products, content, services and website, both online and offline in accordance with our legitimate interest
• We may use your information to invite you to take part in market research or surveys.

Email notifications

We want to communicate with you only if you want to hear from us. We try to keep emails to a minimum and give you the ability to opt in to any marketing communications we send.

You may also elect to receive certain marketing email communications, in accordance with your preferences, and from which you may opt out at any time by letting us (privacy@transtrackinternational.com) know of this decision.

We’ll also send you service-related announcements when it’s necessary to do so.

With whom and where will we share your data?

We may share your data with our subsidiaries/affiliates to process it for the purposes of inter-group administration and to deliver products or services where elements of these are provided by group companies other than those with which you have directly contracted.

We may also share your personal data with the below third parties:

• our professional advisors such as our auditors and external legal and financial advisors;
• our suppliers, business partners and sub-contractors; and/or
• search engine and web analytics.

We may also share your data with third parties who we partner with for advertising campaigns, contests, special offers or other events or activities in connection with our products and/or services, unless you choose to opt out of such communications.

Your data may be shared with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if needed for the legal protection of our legitimate interests in compliance with applicable laws. Data may also be shared with third party service providers who will process it on our behalf for the purposes above. Such third parties include, but are not limited to, providers of maintenance and services.

Where is your data stored?

The data that we collect from you may be transferred to, and stored outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers, in which case the third country’s data protection laws will have been approved as adequate by the European Commission or other applicable safeguards are in place.

Data Security

We are committed to ensuring that your data is secure. We take reasonable measures including administrative, technical and physical procedures to protect your data from loss, theft, misuse, unauthorized access, disclosure, alteration and destruction.

This high level of security can only be effective if you follow certain security practices yourself including never sharing your Account or login details with anyone. If you believe that any of your Account login details have been exposed, you can change your password at any time through the application portal, but you should always also immediately contact your company IT Security team and us.

Transmission of information via the Internet is not completely secure. Therefore, we cannot guarantee the security of the transmission of your data to us. Any transmission is at your own risk. Once we have received your data, we will use strict procedures and security structures to prevent unauthorized access.

Retention of your data

We keep your data for no longer than necessary for the purposes for which it is processed. The length of time for which we retain information depends on the purposes for which we collected and use it and/or as required to comply with applicable laws.

The GDPR provides you with the following rights to:

• Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
• Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing.
• Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
• Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
• Request the transfer of your personal information to another party in certain formats, if practicable.
• Make a complaint to a supervisory body, which in The Netherlands is the Autoriteit Persoonsgegevens. They can be contacted through this link: https://autoriteitpersoonsgegevens.nl

You can request the erasure/correction of your data via emailing this request to: privacy@transtrackinternatonal.com.

If you are our customer/partner, are we a data controller or a data processor?

We do not own, control or direct the use of any of the data stored or processed by any customer/partner. Only the customers/partners are entitled to access, retrieve and direct the use of such data. We are fully unaware of what data is actually being stored or made available by a customer/partner by using our products. We do not directly access such data except as incidentally authorized by the customer/partner, or as necessary to provide support/services to the customers/partners.

Because we do not collect or determine the use of any (personal) data contained in the customer/partner data and because it does not determine the purposes for which such (personal) data is collected, the means of collecting such (personal) data, or the use of such (personal) data, we are not acting in the capacity of data controller in terms of the European Union’s General Data Protection Regulation (Regulation (EU) 2016/679, hereinafter “GDPR”) and do not have the associated responsibilities under the GDPR. We should be considered only as a processor on behalf of our customers/partner as to any data containing personal data that is subject to the requirements of the GDPR. Except as provided in this privacy policy, we do not independently cause data containing personal data stored in connection with support/services to be transferred or otherwise made available to third parties, except to third party subcontractors who may process such data on our behalf in connection with the provision of support/services. Such actions are performed or authorized only by the customer/partner concerned.

The customer/partner is the data controller under the GDPR for any data containing personal data, meaning that such party controls the manner such personal data is collected and used as well as the determination of the purposes and means of the processing of such personal data.

We are not responsible/liable for the content of the personal data contained in the data or other information stored on its servers (or its subcontractors’ servers) at the discretion of the customer nor are we responsible/liable for the manner in which the customer collects, handles disclosure, distributes or otherwise processes such data/ information.