This Privacy Policy explains how TrackBin ("TrackBin," "we," "us," or "our") collects, uses, discloses, and protects information when you use our software-as-a-service platform, websites, and related services (the "Service"). This Policy applies to information processed in our role as a service provider for our customers and as a controller of personal data we collect directly. We are committed to handling your data responsibly and in accordance with applicable data protection laws, including United States state privacy laws, the EU General Data Protection Regulation (GDPR), and the UK GDPR.
1.Information We Collect
Account Information. When you register for an account, we collect your name, business name, email address, password (hashed), and billing information necessary to activate and manage your subscription.
Customer Data. When you use the Service, you submit information about your rental assets, customers, drivers, dispatches, depots, addresses, and related operational records. This is "Customer Data" and you remain its controller; we process it on your behalf as a processor.
Usage and Technical Data. We automatically collect information about how you interact with the Service, including IP address, browser type, device identifiers, operating system, pages viewed, timestamps, referring URLs, and error logs. This data is used to operate, secure, and improve the Service.
Communications. If you contact our support team or submit a feedback request through the Service, we collect the contents of your message and any attachments to respond and maintain a support history.
Cookies and Similar Technologies. We use strictly necessary cookies for authentication and session management, and optional analytics cookies (where consent is given) to understand product usage.
2.How We Use Information
- To provide, maintain, secure, and improve the Service.
- To authenticate users, prevent fraud, and protect against unauthorized access.
- To process subscription payments through our merchant of record (Paddle) and issue receipts.
- To send transactional notifications such as overdue alerts, billing receipts, password resets, and important service announcements.
- To respond to support requests and feedback you submit through the Service.
- To comply with legal obligations, enforce our Terms of Service, and protect our legal rights.
- With your consent, to send product updates and marketing communications. You may opt out at any time.
3.Legal Bases for Processing (EEA / UK)
Where the GDPR or UK GDPR applies, we rely on the following legal bases:
- Contractual necessity - to provide the Service you subscribed to.
- Legitimate interests - to secure the Service, prevent fraud, and improve our product.
- Consent - for optional analytics and marketing communications. You may withdraw consent at any time.
- Legal obligation - to comply with tax, accounting, and regulatory requirements.
4.How We Share Information
We do not sell your personal information. We share information only with the following categories of recipients, and only as needed to operate the Service:
- Subprocessors and service providers - including cloud hosting (for example, Vercel and Supabase), email delivery (Resend), error monitoring (Sentry), product analytics (PostHog), and map services (Mapbox and Google). Each subprocessor is bound by a written data processing agreement.
- Payment processor - Paddle.com Market Limited acts as the merchant of record for subscriptions and processes billing data independently of TrackBin.
- Legal and regulatory authorities - when required by law, valid legal process, or to protect our rights or the safety of others.
- Business transfers - in connection with a merger, acquisition, financing, or sale of assets, with notice to affected users where required.
5.International Data Transfers
TrackBin operates globally and may transfer personal data to countries other than the one in which it was collected, including the United States. Where required, we use Standard Contractual Clauses approved by the European Commission (or equivalent UK transfer mechanisms) and supplementary measures to ensure your data receives an adequate level of protection.
6.Data Retention
We retain Customer Data for the duration of your subscription and for thirty (30) days thereafter to allow data export. Account information may be retained longer where required by law, for example accounting and tax records, typically up to seven years. Backups are deleted on a rolling schedule consistent with our backup retention policy.
7.Security
We implement administrative, technical, and physical safeguards designed to protect personal data against unauthorized access, disclosure, alteration, or destruction. These include encryption in transit (TLS 1.2+), encryption at rest, role-based access control, audit logging, and tenant isolation enforced at the database level (Row Level Security). However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.
8.Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access - request confirmation of whether we process your data and a copy of it.
- Correction - request correction of inaccurate data.
- Deletion - request deletion of your data, subject to legal retention obligations.
- Portability - receive your data in a structured, machine-readable format.
- Objection or Restriction - object to or restrict certain processing activities.
- Consent withdrawal - withdraw any consent previously given.
- Lodge a complaint - with a supervisory authority in your jurisdiction.
To exercise any of these rights, email admin@trackbinapp.com. We will respond within thirty (30) days, or as required by applicable law.
9.California Privacy Rights (CCPA / CPRA)
California residents have specific rights under the California Consumer Privacy Act, as amended. We do not sell or share personal information for cross-context behavioral advertising. You may exercise rights to know, delete, correct, and limit by contacting admin@trackbinapp.com. We will not discriminate against you for exercising your rights.
10.Children's Privacy
The Service is not directed to children under 16, and we do not knowingly collect personal information from children. If you believe a child has provided personal information to us, contact admin@trackbinapp.com and we will delete it.
11.Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated through the Service or by email at least thirty (30) days before they take effect. The "Effective Date" at the top of this page indicates when the latest version came into force.
12.Contact
For privacy questions or to exercise your rights, contact our privacy team at admin@trackbinapp.com.
