Alertdriving values our customer trust and is committed to keeping all customer data safe and secure. Hence, we conform to data privacy legislation around the globe and have enshrined the highest standards of security and privacy in all our operations. This gives us a strong position on supporting our customers compliance with The General Data Protection Regulation (“GDPR”) requirements which becomes effective on May 25th, 2018.

What is GDPR?

The General Data Protection Regulation (“GDPR”) is a new European privacy regulation which replaced the EU Data Protection Directive (“Directive 95/46/EC”). The GDPR aims to strengthen the security and protection of personal data in the EU and harmonize EU data protection Law.

GDPR Principles

Personal Identifiable Information (PII) must be:

“the controller/processor shall be responsible for, and be able to demonstrate, compliance with the principles.”

GDPR Compliance

Alertdriving (the processor) have processes and policies in place so that our customers (controllers) can fulfill their obligations under GDPR.

GDPR Readiness

Alertdriving is GDPR ready. We have invested heavily in preparation to support our clients. This is reflected in the following policies and processes.

Data Subject Rights

Data subjects (drivers, administrators and other that provide us with personal data) has the following rights under GDPR.

About Consent

Data subjects consent is critical component of GDPR. Consent must be freely given, specific and unambiguous. Consent must be stored when Personal Identifiable information (PII) is involved. This consent management lies with our customers (controllers). Consent can be withdrawn at any time and alertdriving is able to facilitate this once it is approved by our customers.

What Data do we collect?

The type of information we usually collect and maintain may include:

Alertdriving does not collect information on children or any special category or sensitive information.

Processor and Controller

"Controller" means the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data. Alertdriving customers are considered controllers.

"Processor" means a natural or legal person, public authority, agency or any other body which processes personal data on behalf of the controller. Alertdriving is considered a processor.

Data Breach Notification Process

A data breach is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed. Alertdriving breach process follows the steps below:

  1. Prepare
  2. Detect
  3. Triage
  4. Investigation** breach notification
  5. Containment
  6. Analysis
  7. Tracking
  8. Recovery

If we experience a data breach, then alertdriving is contractually and legally required to notify any affected customer of the breach and to cooperate with them to satisfy GDPR reporting obligations

Controllers will be notified without undue delay and within 72 hours.

For further information:

AlertDriving has designated a senior management executive to oversee the company's compliance with Global Data Privacy and Information Security Principles. If you have questions or concerns regarding your privacy or Personal Information, you may contact us at the address listed below:

Chief Privacy Officer 
North America:  1-877-867-6642
International:  001-416-750-0210
Fax:  416-750-7862
12 Concorde Place, Suite 800
Toronto, Ontario, M3C 3R8