Trackunit helps you optimize your business and everyday work. We fully understand that you value your privacy and that's why we believe privacy is about freedom and being able to decide for yourself how your data is used and by whom. This is why we have established our Privacy Principles.
Trackunit has taken precautions to make certain that you comply with the requirements in the GDPR and has prepared required Data Processing Agreements (DPA) and Standard Contractual Clauses (SCC).
Below you find definitions that help you understand which roles apply and which documents (DPA or SCC) are required in your case.
1. Please fill out the required documents with your company information
2. Download, print and sign the documents
3. Return the documents to firstname.lastname@example.org
Please keep a copy of the signed DPA or SCC in your records if the data protection authorities should require it.
Please find our list of data sub-processors here.
Data Processing Agreement (DPA)
A DPA is an agreement defining how parties should handle personal data or personal identifiable data. It sets out the parameters between the parties on how a Processor should process the data on behalf of the Controller. Trackunit has made sure that the provided DPAs have the requirements as set out by the European Data Protection Board (EDPB) and the General Data Protection Regulation (GDPR). Trackunit standard DPA are to be used between you as a customer and Trackunit as your data Processor if you are located within the EU or a safe third country as defined by the EDPB. Our DPA can be downloaded through one of the following links. Find your language version here: English - German - French - Danish - Norwegian - Swedish
Standard Contractual Clauses (SCC)
The SCCs are standard agreements provided by the EDPB and cannot be altered, to be used between Controllers and Processors if you are located outside the EU or a safe third country as defined by the EDPB. The role of a SCC is to ensure an appropriate level of data protection and safeguards for international transfer of data between a Controller and a Processor or between two Processors or two Controllers. All SCCs presented here have been updated in accordance with the newest guidelines from the EDPB following the Schrems II verdict.
If you are a customer of Trackunit and located outside the EU or a safe third country as defined by the EDPB, please make use of the SCC. Download the SCC here.
A Controller is defined in the GDPR as person (legal or otherwise) which, alone or jointly with others, determines the purposes and means of the processing of personal data. In the context of Trackunit, if you are the owner of the data being collected from the equipment where our units are located, you are defined as a Controller. Please bear in mind that you can have agreed joint controllership with the entity you have purchased the units from if not directly from Trackunit, this will be defined in your agreement with that entity. As per example if you are a Construction company or a rental company you are most likely a Controller or a Joint Controller.
A Processor is defined in the GDPR as a person (legal or otherwise) which processes personal data on behalf of the Controller. In the context of Trackunit this means that if you have installed our units into a piece of equipment and sold that equipment you are most likely a Processor. As per example if you are an OEM, dealer or reseller that sells equipment with our units installed, you are most likely a Processor, unless you have agreed with the end-customer to have joint controllership of the data.
International transfer of data is only applicable in regard to the GDPR, when the data is being transferred in- or outside the EU or a safe third country as defined by the EDPB. In these instances, a SCC as defined above is to be used instead of a DPA. Other than making use of the SCC shown above, please also make sure that your entity lives up to the other requirements in the GDPR.
We make sure you understand which data from or about you we use, why we use it, how long we use it and who can use it. We enable you to remain in control of your data.
Your data is yours. We keep it that way by protecting it as best as we reasonably can to prevent it from falling into the wrong hands. We do this through encryption, anonymization, or pseudonymization of your data.
We collect Personal Data for specified, explicit and legitimate purposes and will not further process Personal Data in a way incompatible with those purposes.
We will not share your Trackunit account details with anyone else, unless they work under our responsibility, according to our instructions or when explicitly and lawfully ordered to do so following due legal process.
When you use our sites, our products and our services we collect data from you or about you. What data we exactly collect depend on what you use and how you use it.
Trackunit uses your Trackunit account to grant you access to downloadable content, services you are subscribed to or have activated, software upgrades and sections of our website which need registration.
Trackunit and its subsidiaries collect and use your data, to help you optimize your business and everyday life.
We fully understand that you value your privacy.
We believe privacy is about freedom and being able to decide for yourself how your data is used and by whom.
This is why we have established our Privacy Principles:
We will always keep you fully informed about your data.
We make sure you understand which data from or about you we use, why we use it, how long we use it and who can use it. We enable you to remain in control of your data. We consider the data from or about you to be yours. We only use it for the purposes for which you have given it to us, or for which we collected it from you. At any time, you can opt- out or opt-in using our software and websites. You are the Data controller and we are the Data processor. Trackunit is the data processor and you are the data controller in accordance with the Danish Act on Processing of Personal Data and the General Data Protection Regulation in the EU. Trackunit shall act only on instructions from you. Trackunit shall implement appropriate technical and organizational security measures to protect data against accidental or unlawful destruction, loss or alteration and against unauthorized disclosure, abuse or other processing in violation of the provi- sions laid down in the Danish Act on Processing of Personal Data and the General Data Protection Regulation in the EU. Upon request, Trackunit shall within reasonable time provide you with sufficient information enabling you to ensure compliance with the requirements for adequate technical and organizational security measures.
We protect your data.
Your data is yours. We keep it that way by protecting it as best as we reasonably can to prevent it from falling into the wrong hands. We do this through encryption, anonymization, or pseudonymization of your data. This way we keep your data safe. We will tell you which data from or about you we use, why we use it, how long we use it, who else can use it and where it is kept. We will only use your data for the purposes we have stated to you. We keep as little of your data as possible, and only for as long as we need it. When we no longer need data we destroy it or we irreversibly anonymize it, so it is no longer linked to you. If we ask your permission to use your data for specific purposes, we also always allow you to withdraw your permission. We will allow you to access and correct your data if it is linked to your Trackunit Manager. We will keep protecting your data against unauthorized access and accidental loss as best as we reasonably can. If we engage others to use your information on our behalf, we will ensure they act in accordance with our policies. If we share your data with others, we will first ask you for permission, unless there is a legal obligation that prohibits us from asking. We are open to any questions you may have about how we use your data and we will answer them.
We operate according to the privacy laws applicable in your country. Because we are rooted in Europe, the General Data Protection Regulation is always in effect. These laws are considered to be the most extensive in the world. They offer a high level of protection to you by only allowing us to use your data when the strict conditions of these laws are met. Our company policy on privacy and processing of personal data reflects these laws and we apply this policy globally.
Personal Data: any information relating to an identified or identifiable natural person (‘Data subject’, user); an identifi- able person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity;
Processing of Personal Data ‘processing’: any operation or set of operations which is performed upon Personal Data, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction. Trackunit will process Personal Data fairly and lawfully.
Trackunit will collect Personal Data for specified, explicit and legitimate purposes and will not further process Personal Data in a way incompatible with those purposes.
Trackunit will ensure Personal Data is adequate, relevant and not excessive in relation to the purposes for which they are collected and/or further processed.
Trackunit will ensure Personal Data are accurate and, where necessary, kept up to date.
Trackunit will keep Personal Data in a form which permits identification of its users for no longer than is necessary for the purposes for which the Personal Data were collected or for which they are further processed.
Trackunit will process Personal Data only if:
a) the user has unambiguously given his consent; or 1
b) processing is necessary for the performance of a contract to which the user is party or in order to take steps at the request of the user prior to entering into a contract; or
c) processing is necessary for compliance with a legal obligation to which Trackunit is subject; or
d) processing is necessary for the purposes of the legitimate interests pursued Trackunit, except where such interests are overridden by the interests for fundamental rights and freedoms of the user and in particular his right to privacy. Trackunit will avoid processing Personal Data revealing racial or ethnic origin, political opinions, religious or philosoph- ical beliefs, trade-union membership, or Personal Data concerning health or sex life.
Trackunit will avoid processing Personal Data related to persons under the age of 13 years. To ensure fair processing of Personal Data, Trackunit will inform its users of, inter alia: The purposes of the processing, the categories of the Personal Data concerned, the categories of the recipients of the Personal Data, how to access and rectify their Personal Data. We process data on your behalf, and only under direct contract, or consent by you, you can at any and all time access, correct, or have your data deleted from our system. We only collect data from your machines via our Trackunit Hardware, no-other data is transferred to Trackunit. The Data we collect is as includes but is not limited to: Latitude, Longitude, Speed, Heading, number of kilometres, number of hours used, status of inputs, status of out- puts, we can upon your request register the operator, fuel usage and temperature of hydraulic oil. We always have the opportunity to access and correct your data on your behalf, only the relevant people at Trackunit have access to your Data. The employees who have access to your data, does this solely to assist you in any way possible, and to collect statistic data for further improvement of our Hardware and Software.
Trackunit implements appropriate technical and organizational measures to protect Personal Data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, in particular where the processing involves the transmission of Personal Data over a network, and against all other unlawful forms of processing. Trackunit does so having regard to the state of the art and the cost of their implementation, ensuring a level of security appropri- ate to the risks represented by the processing and the nature of the Personal Data to be protected. In case processing is carried out on Trackunit’s behalf, Trackunit will choose a processor providing sufficient guarantees in respect of the technical security measures and organizational measures governing the processing to be carried out, and will ensure compliance with those measure. In these cases, Trackunit will ensure the processing is governed by a contract binding the processor to the controller and stipulating in particular that: a) The processor shall act only on instructions from Trackunit; b) The provisions of this policy are applied to the processor. In principle Trackunit will process Personal Data in the European Economic Area (EEA). In those cases, where Personal Data is transferred or processed outside the EEA by Trackunit or on Trackunit’s behalf, Trackunit will ensure adequate safeguards with respect to the protection of the privacy and fundamental rights and freedoms of individuals and as regards the exercise of the corresponding rights by applying appropriate contractual clauses or other acceptable legally binding instruments. In case Trackunit remotely stores information, or gains access to (any) data already stored, in a device of a user, Trackunit will ensure the user concerned has given his or her consent, having been provided with clear and comprehensive information, about the purposes of the processing. This shall not prevent Trackunit from any technical storage or access for the sole purpose of carrying out the transmission of a communication over an electronic communications network, or as strictly necessary in order for Trackunit to provide a service explicitly requested by the user.
If you need your data transferred to another system, you can do so using our public API. If you have any questions or requests regarding this, you can always contact us at DPO@trackunit.com.
Data we collect
When you use our sites, our products and our services we collect data from you or about you. What data we exactly collect depend on what you use and how you use it. In general, there are 3 categories of data we collect and use:
Data you provide
This is the data you enter yourself when using our sites, products and services. This data includes for example your name, email address, the search terms you enter, your address and favourite locations, your phone number, any map errors reports, your size, weight, gender, age etc. etc.
Data collected by sensors
A lot of our products come equipped with one or more sensors or use the sensors of the devices they run on. Examples of sensors are GPS receivers, WiFi or Bluetooth receivers, a camera, a microphone, G-force sensors, hart rate sensors and touch sensitive screens. These sensors, when activated, will automatically collect data. Depending on the purpose for which it was captured, the data in combination with data that identifies you or your device can be sent to Trackunit and others for subsequent use.
This refers to any data that is collected or automatically generated while you use Trackunit sites, products or services. In many cases metadata is collected or generated inherent to you using a computing device or inherent to transmitting data over computer networks, such as the internet. This data includes user interface and other device usage events, IPaddresses, unique device identifiers, Wi-Fi and Bluetooth MAC addresses, cookies and records of computer activity. Trackunit shall refrain from selling or disclosing data unless according to written agreement with the rightful owner(s) or according to court order. However, Trackunit have the right to analyse and disclose market statistics which, among other sources are based on anonymous operating data from Trackunit Hardware.
Trackunit uses your Trackunit account to grant you access to downloadable content, services you are subscribed to or have activated, software upgrades and sections of our website which need registration. We also use your Trackunit account when you want to purchase additional items and to tailor our offerings to you. The way in which Trackunit uses your Trackunit account also depends on the software and device or system you use.
We will use your email address occasionally to send information related to the products and services registered to your Trackunit account. We will only do this if there are updates you need to be aware of to ensure you can use your product in a safe, reliable way, without interruption or if there is a legal requirement to contact you. Should you wish to delete your Trackunit account, please contact Trackunit directly. We will not share your Trackunit account details with anyone else, unless they work under our responsibility, according to our instructions or when explicitly and lawfully ordered to do so following due legal process. You can write the DPO, Thomas Christiansen, directly at, DPO@trackunit.com. If you are not satisfied with your requests under this statement, this being, the right to transfer data, the right to rectify data or the right to retract your consent, you can always contact the Danish Data Agency (Datatilsynet),Datatilsynet.