Alertdriving values our customer trust and is committed to keeping all customer data safe and secure. Hence, we conform to data privacy legislation around the globe and have enshrined the highest standards of security and privacy in all our operations. This gives us a strong position on supporting our customers compliance with The General Data Protection Regulation (“GDPR”) requirements which becomes effective on May 25th, 2018.
The General Data Protection Regulation (“GDPR”) is a new European privacy regulation which replaced the EU Data Protection Directive (“Directive 95/46/EC”). The GDPR aims to strengthen the security and protection of personal data in the EU and harmonize EU data protection Law.
Personal Identifiable Information (PII) must be:
“the controller/processor shall be responsible for, and be able to demonstrate, compliance with the principles.”
Alertdriving (the processor) have processes and policies in place so that our customers (controllers) can fulfill their obligations under GDPR.
Alertdriving is GDPR ready. We have invested heavily in preparation to support our clients. This is reflected in the following policies and processes.
Data subjects (drivers, administrators and other that provide us with personal data) has the following rights under GDPR.
Data subjects consent is critical component of GDPR. Consent must be freely given, specific and unambiguous. Consent must be stored when Personal Identifiable information (PII) is involved. This consent management lies with our customers (controllers). Consent can be withdrawn at any time and alertdriving is able to facilitate this once it is approved by our customers.
The type of information we usually collect and maintain may include:
Alertdriving does not collect information on children or any special category or sensitive information.
"Controller" means the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data. Alertdriving customers are considered controllers.
"Processor" means a natural or legal person, public authority, agency or any other body which processes personal data on behalf of the controller. Alertdriving is considered a processor.
A data breach is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed. Alertdriving breach process follows the steps below:
If we experience a data breach, then alertdriving is contractually and legally required to notify any affected customer of the breach and to cooperate with them to satisfy GDPR reporting obligations
Controllers will be notified without undue delay and within 72 hours.
AlertDriving has designated a senior management executive to oversee the company's compliance with Global Data Privacy and Information Security Principles. If you have questions or concerns regarding your privacy or Personal Information, you may contact us at the address listed below:
Chief Privacy Officer
North America: 1-877-867-6642
12 Concorde Place, Suite 800
Toronto, Ontario, M3C 3R8