Privacy Policy

Last Updated: May 23, 2026

This is a legal agreement between Customer and Fleeticc for the service use. By using our service, you agree to be bound by the terms and conditions of this agreement. If you do not agree to this agreement, you may not use our service.

Overview

At Fleeticc, protecting your privacy and securing your fleet data is a core part of how we operate. We collect and use information lawfully in accordance with the EU General Data Protection Regulation (GDPR) and other applicable privacy laws. We use your data only to deliver, maintain, and improve the Fleeticc platform.

Our commitments to you:

  • We never sell your personal information to third parties
  • We collect only what is needed to run GPS tracking, alerts, and account services
  • We apply strong technical and organisational safeguards to protect your data
  • You stay in control of your account, privacy choices, and data requests
  • We are clear about what we collect, why we use it, and which trusted partners help us operate the service

Information We Collect

Fleeticc processes the data described below to provide live tracking, history, alerts, reports, and account management across our web and mobile apps.

GPS hardware and vehicle telemetry

Installed GPS trackers connect over cellular data using a standard TCP session to Fleeticc's ingest service. Devices send industry GPS tracker protocol packets; we parse them and persist telemetry for maps, live tracking, history, and alerts.

Depending on the device and your configuration, we store:

  • Precise GPS positions (latitude and longitude), timestamps, speed, and heading
  • Historical track points for routes and playback
  • Optional fields when the device sends them, such as ignition or related status, battery level, odometer-style distance, fuel sensor readings (including calibration you configure in Fleeticc), and cellular tower identifiers (e.g. MCC/MNC) present in the packet

Telemetry is associated with the tracker's device identifier (IMEI or equivalent) that you link to a vehicle in your account.

Account, profile, and team users

  • Owner accounts: email (for login), name, optional phone and company or address fields you choose to provide
  • Passwords are stored only as a secure one-way hash, not as plain text
  • Optional profile or avatar image URLs you upload or link
  • Sub-users / team logins: username, access level, assigned vehicles, and related profile fields when you use delegated access
  • Email verification and related codes during signup or security flows

Vehicles you register

  • Tracker identifier (IMEI), vehicle name, license plate
  • Optional details you enter: brand, model, year, color, fuel type, SIM number, and GPS device model labels
  • Optional fuel-tank calibration data when you configure fuel reporting for a vehicle
  • Additional vehicle or identity details you choose to provide during device setup (for example chassis number or insurance information)

If you use Fleeticc in Sri Lanka, we may also ask for standard contact and vehicle information needed to activate a tracker and meet local telecom and vehicle-monitoring rules. That can include name, address, NIC or passport number, business registration details for companies, and basic vehicle registration information.

Mobile apps, web, and sessions

  • Push notification tokens (e.g. FCM) so we can deliver alerts to your devices
  • When you sign in or refresh a session, we may store client IP address, browser or app user agent, platform, and an app-reported device identifier, used for security, fraud prevention, and showing active sessions
  • Diagnostics our apps may send, such as performance or crash signals, to keep the service reliable

We do not access your phone's contact list or arbitrary files on your device beyond what you explicitly submit through Fleeticc.

Cookies and similar technologies

We use cookies and similar technologies on our website and in our apps:

  • Essential cookies: HttpOnly session cookies for sign-in, security, and preferences (for example sidebar state). These are required for the authenticated owner portal.
  • Analytics and marketing cookies (with consent): If you accept cookies on our website, we may load Google Tag Manager, Google Ads conversion tags, and Vercel Analytics / Speed Insights to measure traffic and campaign performance.

You can choose "Essential only" or "Accept all" via the cookie banner on first visit. You can change your choice by clearing site data in your browser. Our mobile apps do not use the website cookie banner; push notification tokens are used only for service alerts via Firebase Cloud Messaging.

How We Use Your Information

We use your information for the following purposes:

  • Service Provision: Providing and improving our GPS tracking services
  • Communication: Sending service notifications, updates, and support communications
  • Support: Providing customer support and technical assistance
  • Device Management: Managing device associations with your vehicles
  • Notifications: Sending push notifications for alerts and updates
  • Analytics: Analyzing usage patterns to enhance user experience (using anonymized data where possible)
  • Legal Compliance: Meeting legal and regulatory requirements where we operate
  • Alerts and geofencing: Running location-based alerts and zones you configure for your fleet

Security

Fleeticc is built with security at every layer of the platform. Your data is hosted on secure cloud infrastructure with strict access controls. Account credentials are protected with bcrypt password hashing, hashed refresh tokens, and optional two-factor authentication. All API and website traffic is encrypted in transit using TLS, and database connections use encrypted transport with our hosting providers.

Location and account data are stored on enterprise-grade cloud databases with provider-managed encryption at rest, network isolation, and monitored access. We limit who can access production systems, log sensitive admin actions, and apply rate limiting and session controls to reduce abuse. Push notifications, email, and other integrations are connected through authenticated services only for the purposes described in this policy.

If you believe your account may have been compromised, contact us immediately at support@fleeticc.com so we can help secure your access.

Data Sharing and Third-Party Services

We use subprocessors to operate Fleeticc. They process data only on our instructions and for the purposes described below:

  • Cloud hosting (Railway, Neon): Application and database hosting.
  • Resend: Transactional email (verification, password reset, reports).
  • Firebase Cloud Messaging: Mobile push notifications.
  • OpenStreetMap Nominatim: Reverse geocoding , latitude and longitude may be sent to retrieve street addresses for maps and reports.
  • Google Tag Manager / Google Ads / Vercel Analytics: Website analytics and marketing measurement (only after cookie consent on the website).
  • Legal requests: We may disclose information to courts, regulators, or law enforcement when required by applicable law.

We do not sell your personal information to third parties. Subprocessors are contractually required to protect your information. Cross-border transfers may occur where our providers operate globally; we rely on appropriate safeguards where required by law.

Your Privacy Rights

You may request access to the personal data that is collected and to correct data that may be inaccurate. In some cases, on your request, account and other collected data can be completely removed. Fleeticc reserves the right to request proper identification of you prior to providing personal data or rectifying any inaccurate data.

Depending on your location, you may have the following rights:

  • Access to your personal information
  • Correction of inaccurate data
  • A portable export of your account data (available from your Fleeticc account settings on the website)
  • Deletion of your data (subject to legal requirements)
  • Restriction of processing
  • Data portability
  • Objection to processing
  • Withdrawal of consent

To exercise these rights, please contact us at support@fleeticc.com.

Account Deletion and Erasure

You have the right to request permanent deletion of your Fleeticc account and associated personal data. Self-service automated deletion from the website or mobile app is not yet available. To request erasure, email support@fleeticc.com from your registered account email. We will verify your identity and process eligible requests in line with applicable law.

When deletion is completed, we remove account profile data, vehicles linked to your account, and associated telemetry subject to our retention rules and legal obligations. Some data may be retained where required by law or for legitimate business records (for example billing disputes).

Data Retention

We retain account and profile data while your subscription or account is active. GPS position history is kept for up to one hundred eighty (180) days so you can use playback, reports, and recent fleet history, then removed from our systems unless a longer period is required by law. Session and security logs are kept only as long as needed for fraud prevention and reliable service operation.

Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children.

Changes to This Privacy Policy

Fleeticc may change this agreement at any time for any reason by posting the modified agreement on our website. We will notify you of any significant changes through our website or email.

Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

Fleeticc
Sri Lanka
support@fleeticc.com
+94 (76) 824 2884