Privacy Policy

This privacy policy describes the personal data (defined below) that UAB „Aosta“, company code 304846050, with a principal place of business at Šalčininkai Sodu 11, Republic of Lithuania (the “Company”) collect about you, how we use and protect this personal data, and the choices you can make about how we may use your personal data.

Throughout this privacy policy, “we”, “us” and “our” refer to Company and “you” or “your” refer to you personally (i.e., the individual who reads and agrees to be bound by these Terms), and, if you access TRAKK on behalf of a corporation or other legal entity, you and such corporation or other legal entity on whose behalf you access TRAKK.

Company complies with the General Data Protection Regulation (EU Regulation 2016/679) (“GDPR”). Your rights in relation to the GDPR are detailed below. If you have any questions, please contact us by e-mai info@trakk.lt.

Please note that this privacy policy covers only those instances when the purposes and means of processing your personal data are determined by us (i.e., when we are a “controller” as defined by the GDPR). This privacy policy does not apply to any of your personal data which we may process on behalf of our customers (i.e., when we are a “processor” as defined by the GDPR); please therefore directly contact the relevant controller (e.g., your employer, if you are an employee of a Company’s customer) for more information about their privacy practices as it relates to such data.

1. COLLECTION AND USE OF PERSONAL DATA

Personal Data. “Personal data” is any information that relates to an identified or identifiable individual or as otherwise defined by an applicable data protection law or regulation. Company may collect a variety of personal data about you in a number of ways:

• Personal data you provide directly. We may collect personal data (e.g., name, midlename, surname, email address, username, phone number) that you provide directly, such as when you access TRAKK, create a user account with us (e.g., creating an admin account in TRAKK dashboard), register our products, or otherwise give us your name, email address, or other information. You may also choose to submit personal data to us via other methods, such as: in response to marketing or other communications; through social media or online forums; through participation in an offer, program or promotion; in connection with an actual or potential business relationship with us; or by giving us your business card or contact details at trade shows or other events. When you contact Company, we may also keep a record of your communication to better support you in the future. From time to time, we may offer referral programs to refer prospective customers to us. Please refer a prospective customer and provide their personal data to us only if you have their permission. If you later find out you did not have such consent, please inform us as soon as possible.
• Personal data we collect automatically. We may automatically collect information about how you use and engage with our business, products and/or services over time (e.g., via our websites, dashboard, or applications), and some of this may be personal data. In addition, we may use cookies and other technologies to function effectively. We also collect GPS information: precise location data to provide navigation and location-based services.
• Personal data we collect from other sources. As mentioned above, we may receive your personal data via a referral. In addition, we may supplement other personal data we have collected with information from third parties or other publicly available sources.

Categories of personal data we typically collect

Depending on your interaction with our business, we may collect:

• Personal identifiers, such as your real name, alias, postal address, unique personal identifier, online identifier, government-issued identifiers, email address, phone number, account name, or other similar identifiers.
• Internet activity information, such as Internet protocol (IP) address, device and advertising identifiers, browser type, operating system, Internet service provider, the web page that directed you to our services, the date and time of your visit, information about how you engage with us (e.g., the links or buttons you click on our application), whether an email was opened, and other standard server log information.
• Commercial information, such as records of products or services purchased, obtained, or considered, or other purchasing or consumption histories or tendencies.
• Professional information, such as your title and other professional contact information.
• Location, such as exact address and/or coordinates of the location. This data is being collected automatically after the user confirms the access to such data. Information about location is being used for the purpose of tracking vehicles and/or cargos.
• Photo library. This data is being collected to upload photos of the documents accompanying the cargo (e.g. photo of the CMR consignment note, photo of the export declaration, etc.), as well as photos of the condition of the cargo (e.g. improper packaging, damage to the packaging or to the cargo, etc.). We will have the access to photo library only after user confirms access to such data.

Sensitive personal information: We do not collect any “sensitive personal information” as defined by GDPR. Accordingly, we do not use, disclose, sell, or share “sensitive personal information.”

How we use personal data we collect. We collect, use, and store your personal data for the reasons set out below.

1. Where the processing is necessary for us to administer our relationship with you, such as:
   • creating and administering orders for you (including, if necessary, processing payments and other administrative matters);
   • registering, maintaining and managing your account (e.g., email preferences) or for interacting with our business (e.g., via our website, telephone, video conferencing and/or email);
   • providing you with support and responding to your queries, feedback, claims and/or disputes;
   • when visiting our offices or attending events.
2. Where necessary for Company’s legitimate interests, and where our interests are not overridden by your data protection rights, such as:
   • developing product or service features or functionalities, including when you give us feature feedback and suggestions;
   • managing and improving our website, systems and infrastructure;
   • identifying, developing, and marketing products and services that we believe will interest you;
   • communicating with you regarding our business, administrative notices, products and services, including promotional offers and suggested products, services, or new features or functionalities which may be of interest to you;
   • protecting the security of our premises, assets, systems, customers, customer end users, and intellectual property and enforcing company policies;
   • undertaking mergers, acquisitions, reorganizations, or disposals, as permitted/required in accordance with local law;
   • protecting our legitimate business interests and legal rights, including use in connection with legal claims, compliance, regulatory, auditing, investigative and disciplinary purposes (including disclosure of such information in connection with legal process or litigation) and other ethics and compliance reporting requirements.
3. Where necessary to comply with a legal obligation, such as:
   • tax law and similar obligations (e.g., tax and national insurance reporting, filing and withholding);
   • responding to court orders, subpoenas or other legal processes with which Company is required to comply; or
   • complying with legal, regulatory and other requirements.

We may provide you with more specific notices for some of the processing described above and, if we require your consent, will ask for this at the appropriate time.

To the extent that we process any special categories of personal data relating to you, we will do so because: (i) the data has been manifestly made public; (ii) the processing is necessary for the establishment, exercise or defense of a legal claim; (iii) the processing is necessary for reasons of substantial public interest; and/or (iv) you have given your explicit consent to us to process that information (where legally permissible).

2. HOW LONG DO WE STORE YOUR DATA?

Personal data is maintained on our servers or those of our service providers or other partners and is accessible by authorized employees, representatives, agents, and service providers who require access for the purposes described herein. We will retain personal data only for as long as necessary to fulfill the purpose for which it was collected or to comply with legal, regulatory or internal policy requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

3. TRANSFER AND DISCLOSURE OF PERSONAL DATA

We may disclose or transfer the categories of personal data outlined above in certain circumstances, including:

• to a buyer or other successor, in the event of a merger, acquisition, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of our assets;
• to our subsidiaries, affiliates, agents, contractors, event sponsors, service providers and other partners we use to support our business and/or collaborate with (e.g., analytics, advertising, email, session replay, teleconference, and data storage and collaboration service providers and partners); provided they are generally bound by contractual obligations to keep such personal data confidential and only use it for the purposes of providing the services for, or with, us based upon your chosen settings, configurations, and/or purchases;
• to comply with any court order, law or legal process, including to respond to any government or regulatory request;
• to enforce or apply our Terms of Service and/or any other agreement that governs the sale, use or purchases of our products and/or services;
• to protect the rights, property or security of the Company, our employees, our users and/or others.

4. COOKIES AND SIMILAR TECHNOLOGIES

Some personal data may be collected by us or our partners through cookies, pixel tags, or software development kits (“SDKs”), and other similar technologies for a variety of purposes. These can be used for analyzing trends, administering our website or applications and your communications with us, tracking users’ movement and behavior on our website and applications, and gathering information about our user base (such as location information on IP addresses, displaying advertising on our websites, and to manage our advertising on other sites). Cookies, used by most websites, are text files stored on a user's browser containing information about the user (e.g., information about devices and networks used to access our website). Pixel tags (also known as “web beacons” or “clear GIFs”) are very small images or small pieces of data embedded in images that can recognize cookies, the time and date a page is viewed, a description of the page where the pixel tag is placed, whether an email was viewed, and similar information from your computer or device. SDKs are computer code that mobile app developers can include in their apps to enable data to be collected and related functionalities to be implemented.

5. ONWARD TRANSFER OF PERSONAL DATA

To facilitate our global operations, and in accordance with applicable laws, we may transfer your personal data to, and access your personal data from, our offices, subsidiaries, affiliates and service providers in the various countries in which we or they operate. This may be to a country other than the one in which it was provided or collected. When we transfer your personal data, we do so in compliance with applicable data protection laws. We take steps to protect personal data in whatever country it is stored in, transferred to or accessed from.

6. SECURITY

We are committed to keeping personal data secure, and we have implemented contractual, technical and organizational measures to protect personal data against its unauthorized access, use, and disclosure. Such measures have been implemented taking into account the state of the art of the technology, their cost of implementation, and the risks presented by the processing and the nature of the personal data. When we provide your personal data to third parties, including service providers, we require those companies to protect the personal data they receive.

Nevertheless, although we have tried to make our products and services secure and reliable, the confidentiality of any communication or material transmitted to or from us cannot be guaranteed. We therefore urge you to exercise caution when conveying any personal data over the Internet. As when disclosing any information on the Internet, you should remain mindful that such information might be accessible by the public and, consequently, may be collected and used by others without your consent. You should also recognize that your use of the Internet and any other means of communication with us is solely at your own risk.

7. OUR POLICY TOWARD MINORS

Our website, products and services are not directed to minors under 16 and we do not knowingly collect personal data from minors or sell or share such data. If we learn that we have collected personal data of a minor under 16 we will take steps to delete such information from our files as soon as possible.

8. DATA PROTECTION RIGHTS, AND HOW TO EXERCISE

You may have a right to know what personal information Company has collected about you, and you may have a right to access and to obtain a copy of this personal data. If you believe that any personal data we hold about you is incorrect or incomplete, you may also request the correction of it. You have additional rights if you are based in India; namely: you have the right to seek the redressal of any grievances which you have under this notice as well as the right to nominate an individual who may exercise your rights hereunder in relation to your personal data in the case of your death or incapacity.

You may also have the right to:

• object to the processing of your personal data;
• request the deletion of your personal data;
• request a restriction on the processing of your personal data;
• withdraw your consent, where Company obtained your consent to process personal data (without this withdrawal affecting the lawfulness of any processing that took place prior to the withdrawal).

Company will honor such requests for access, correction, deletion or restriction and/or any withdrawal or objection as required under the applicable data protection laws and regulations, as well as those other rights outlined herein. However, please note that such rights are not absolute: they do not always apply, and exemptions may be applicable (e.g., such exemptions noted in Chapter III of the GDPR). Company may, in response to any such request, ask you to verify your identity and/or provide information that helps us to better understand your request. If we ask you to verify your identity, we may ask you for supporting information. If we do not comply with your request, we will explain why.

You may exercise any of your rights in this section without discrimination by us. We will not deny you products or services, charge different prices or rates, or provide a different level or quality of products or services based on your exercise of any rights in this section, unless the difference is reasonably related to the value provided by your data.

To exercise the above rights with Company, you may send an email to e-mail info@trakk.lt

9. CHANGES AND OTHER UPDATES

We may amend our privacy policy from time to time to reflect changes in our practices, technologies, legal requirements and other factors. We therefore encourage you to revisit this page periodically to read the current version of it to stay informed about our collection, processing and sharing of your personal data.