Privacy Policy

1. Introduction

CarPulse ("we", "us", or "our") is committed to protecting your privacy and handling your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

This Privacy Policy explains how we collect, use, disclose, and protect personal information when you use our fleet management software platform ("Service").

2. What Information We Collect

2.1 Account Information

When you register for CarPulse, we collect:

• Name and contact details (email address, phone number)
• Organisation name and business details
• Payment and billing information
• Account credentials (username and encrypted password)

2.2 Fleet and Driver Information

As part of providing our fleet management services, we collect and process:

• Vehicle information (registration numbers, make, model, maintenance records)
• GPS location data and vehicle telemetry
• Driver details (names, licence information, contact details)
• Inspection and compliance check records
• Signed agreements and documentation
• Operational data (vehicle assignments, depot locations)

2.3 Usage and Technical Information

We automatically collect:

• Device information (IP address, browser type, operating system)
• Usage data (features accessed, time spent, actions performed)
• Log files and error reports
• Cookies and similar tracking technologies

3. How We Collect Information

We collect personal information:

• Directly from you when you register, use the Service, or contact us
• Automatically through your use of the Service via cookies and analytics tools
• From third parties such as payment processors (only information necessary to process transactions)

We only collect personal information that is reasonably necessary for our functions and activities as a fleet management software provider.

4. How We Use Your Information

We use personal information for the following purposes:

4.1 Primary Purposes

• Providing and maintaining the Service
• Processing your registration and managing your account
• Enabling fleet and driver management functionality
• Generating compliance reports and audit trails
• Processing payments and billing
• Providing customer support

4.2 Secondary Purposes

• Improving and developing our Service
• Analysing usage patterns and trends
• Sending service updates and important notices
• Detecting and preventing fraud or security issues
• Complying with legal obligations

4.3 Marketing Communications

We may send you marketing communications about our services if you have consented or where permitted by law. You can opt out of marketing communications at any time by:

• Clicking the "unsubscribe" link in our emails
• Updating your preferences in your account settings
• Contacting us directly at info@carpulse.com.au

5. How We Disclose Your Information

We may disclose your personal information to:

5.1 Service Providers

We engage trusted third-party service providers to assist with:

• Cloud hosting and data storage
• Payment processing
• Email delivery and communications
• Analytics and performance monitoring
• Customer support tools

These providers are contractually obligated to protect your information and use it only for the purposes we specify.

5.2 Legal Requirements

We may disclose personal information if required by law, court order, or government authority, or to:

• Comply with legal processes
• Protect our rights, property, or safety
• Prevent fraud or security threats
• Respond to emergency situations

5.3 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your personal information may be transferred to the acquiring entity. We will notify you of any such change.

5.4 With Your Consent

We may disclose your information to other parties with your explicit consent.

6. Cross-Border Disclosure

Your personal information is primarily stored on servers located in Australia. However, some of our service providers may be located overseas, including in:

• United States (cloud infrastructure providers)
• European Union (analytics and support tools)

When we disclose personal information to overseas recipients, we take reasonable steps to ensure they comply with the APPs or are subject to substantially similar privacy protections. By using our Service, you consent to such cross-border disclosures.

7. Data Security

We implement robust security measures to protect your personal information from misuse, interference, loss, unauthorised access, modification, or disclosure, including:

• Encryption of data in transit and at rest (TLS/SSL, AES-256)
• Secure access controls and authentication (multi-factor authentication)
• Regular security audits and vulnerability assessments
• Employee training on data protection and confidentiality
• Restricted access to personal information on a need-to-know basis
• Secure backup and disaster recovery procedures

While we take all reasonable steps to protect your information, no system is completely secure. We cannot guarantee absolute security of data transmitted over the internet.

8. Data Retention

We retain your personal information for as long as necessary to:

• Provide the Service to you
• Comply with legal, accounting, or regulatory requirements
• Resolve disputes and enforce our agreements

When personal information is no longer required, we will take reasonable steps to destroy or de-identify it in accordance with our data retention policy and applicable laws.

Typically, we retain:

• Account information: For the duration of your account plus 7 years (for tax and legal purposes)
• Fleet and compliance records: For 7 years after account closure (to meet regulatory requirements)
• Usage logs: For 12 months

9. Your Rights

Under the Australian Privacy Principles, you have the following rights:

9.1 Access

You have the right to request access to the personal information we hold about you. We will provide access unless a legal exception applies.

9.2 Correction

You have the right to request correction of inaccurate, incomplete, or out-of-date personal information. You can update most information directly through your account settings.

9.3 Deletion

You may request deletion of your personal information, subject to our legal and contractual obligations to retain certain records.

9.4 Data Portability

You can export your data from the Service at any time in commonly used formats (PDF, Excel).

9.5 How to Exercise Your Rights

To exercise any of these rights, please contact us at info@carpulse.com.au. We will respond to your request within 30 days. We may need to verify your identity before processing your request.

10. Data Breach Notification

In accordance with the Notifiable Data Breaches (NDB) scheme under the Privacy Act, if we become aware of an eligible data breach that is likely to result in serious harm to you, we will:

• Notify affected individuals as soon as practicable
• Notify the Office of the Australian Information Commissioner (OAIC)
• Provide information about the breach and steps you can take to mitigate harm
• Take immediate action to contain and remediate the breach

11. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Maintain your session and keep you logged in
• Remember your preferences and settings
• Analyse how you use the Service
• Improve performance and user experience

Types of Cookies We Use

• Essential cookies: Required for the Service to function properly
• Analytics cookies: Help us understand usage patterns (e.g., Google Analytics)
• Preference cookies: Remember your settings and choices

You can control cookies through your browser settings. However, disabling certain cookies may affect the functionality of the Service.

12. Third-Party Links

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

13. Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete it promptly.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by:

• Posting the updated policy on our website
• Sending you an email notification
• Displaying a prominent notice in the Service

Your continued use of the Service after such notice constitutes acceptance of the updated Privacy Policy.

15. Contact Us and Complaints

15.1 Privacy Enquiries

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

15.2 Privacy Complaints

If you believe we have breached the Australian Privacy Principles, you may lodge a complaint with us. We will:

• Acknowledge your complaint within 7 days
• Investigate the matter thoroughly
• Respond to your complaint within 30 days
• Work with you to resolve the issue

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):