Privacy Policy

Effective Starting Date: July 12, 2018

What this policy covers

Your privacy is important to us, and so is being transparent about how we collect, use, and share information about the users of our services (also referred to as “you”). This Privacy Policy is intended to help you understand:

  • What information we collect about you
  • How we use your information and on what ground
  • How we share information we collect internationally
  • How we store and secure information we collect
  • How to access and control your information
  • Other important privacy information

Controlant (also referred to as “we” and “us”, as applicable) offers cloud solutions for Cold Chain Management, Facility Monitoring, and Vehicle and Route Monitoring. We refer to all these solutions, together with our other services and websites, as “Services” in this Privacy Policy.

We are committed to complying with applicable data protection legislation at all times. This Privacy Policy is based on the General Data Protection Regulation 2016/679 and Icelandic data protection legislation, as Controlant is established in Iceland (collectively referred to as “Data Protection Law”).

This Privacy Policy covers the information we collect about you when you use our Services, or otherwise interact with us (for example, by attending our events), unless a different policy is displayed. Controlant, we and us refers to Controlant ehf, Controlant, Inc. and any of our corporate affiliates.

This Privacy Policy also explains how you can exercise your rights under Data Protection Law, including how you can object to certain uses of your personal data and how you can access and update your data.

Our role in the processing of your personal data

We process data relating to our customers as a controller, as defined under Data Protection Law. Where the Services are made available to you through an organization (e.g. your employer), that organization is the administrator of the Services and is responsible for the accounts and/or Service sites over which it has control. Under these circumstances, the administrator acts as a controller and Controlant as a processor.

What information we collect about you

We collect information about you when you provide it to us, when you use our Services and when other sources provide it to us, as further described below.

Information you provide to us

Account and Profile Information: We collect information about you when you register for an account, create or modify your user profile, or set preferences through the Services. For example, you or your administrator provide your contact information when you register for the Services. The data collected may include your full name, email address, phone number and company. You also have the option of adding details to your profile information to be displayed in our Services. We also collect information about the teams and people you work with.

Content you provide through our websites: We collect information about you when you use websites owned or operated by us, including social media or social networking websites. For example, you provide content to us when you provide feedback or when you participate in any interactive features, surveys, contests, promotions, sweepstakes, activities or events.

*Information you provide through our support channels: When using our customer support channels, we will process information which you provide, such as contact information, a summary of the problem you are experiencing and any other documentation, screenshots or information that would be helpful in resolving the issue.

Information we collect automatically when you use the Services

We collect information about you when you use our Services, including browsing our websites and taking certain actions within the Services.

Your use of the Services: We keep track of certain information about you when you visit and interact with any of our Services. This information includes your IP address, the features you use, the links you click on and frequently used search terms.

Device and Connection Information: We collect information about your computer, phone, tablet, or other devices you use to access the Services. This device information includes your connection type and settings when you access or use our Services. We also collect information through your device about your operating system, browser type, IP address, URLs of referring/exit pages, device identifiers, and crash data. We use your IP address and/or country preference in order to approximate your location to provide you with a better Service experience. How much of this information we collect depends on the type and settings of the device you use to access the Services.

Cookies and Other Tracking Technologies: Controlant and our third-party partners, such as our advertising and analytics partners, use cookies and other tracking technologies (e.g., web beacons, device identifiers and pixels) to provide functionality and to recognize you across different Services and devices. For more information, please see our Cookies and Tracking Notice, which includes information on how to control or opt out of these cookies and tracking technologies.

Information we receive from other sources

Other users of the Services: Other users of our Services may provide contact information about you when they submit content through the Services. We also receive your email address from other Service users when they provide it in order to invite you to the Services. Similarly, an administrator may provide your contact information when they designate you as the billing or technical contact on your company’s account.

Other services you link to your account: We receive information about you when you or your administrator integrate or link a third-party service with our Services. You or your administrator may also integrate our Services with other services you use, such as to allow you to access, store, share and edit certain content from a third-party through our Services. The information we receive when you link or integrate our Services with a third-party service depends on the settings, permissions, and privacy policy of that third-party service. You should always check the privacy settings and notices in these third-party services to understand what data may be disclosed to us or shared with our Services.

Controlant Partners: We work with a global network of partners who provide resale, consulting, implementation, training and other services around our solutions. We receive information from these partners, such as billing information, contact information, company name, what Controlant solutions you have purchased or may be interested in, evaluation information you have provided, what events you have attended and what country you are in.

Other Partners: We receive information about you and your activities on and off the Services from third-party partners, such as advertising and market research partners who provide us with information that you have provided to them regarding your interest in and engagement with our Services and online advertisements. This information would include your name, company name, your title, and email address.

How we use your information and on what ground

How we use the information we collect depends in part on which Services you use, how you use them, and any preferences you have communicated to us. Below are the specific purposes for which we use the information we collect about you and on what legal basis the data is processed.

To provide the Services: We use information that is necessary for us to provide the Services, including to process transactions with you, authenticate you when you log in, provide customer support, send you necessary communications relating to the Services, such as transactional communications, and to operate and maintain the Services.

To optimize your experience: We may use your information to further our legitimate interests of optimizing your user experience. This may include sending you information that we think is relevant to your job function as well as tailored communications based on your activity and interactions with our Services. You can always opt out of receiving notifications which are not an essential part of the Services.

For research and development: We may use collective learnings about how people use our Services and feedback provided directly to us to troubleshoot and to identify trends, usage, activity patterns and areas for integration and improvement of the Services. This is based on our legitimate interest of making our Services smarter, faster, secure, integrated and useful to you. In some cases, we apply these learnings across our Services to improve and develop similar features or to better integrate the services you use.

To communicate with you about the Services: We use your contact information to send transactional communications via email and within the Services, including confirming your purchases, reminding you of subscription expirations, responding to your comments, questions and requests, providing customer support, and sending you technical notices, updates, security alerts, and administrative messages. We send you email notifications when you or others interact with you on the Services. We also provide tailored communications based on your activity and interactions with us. For example, certain actions you take in the Services may automatically trigger an email communicating a suggestion within the Services that would make that task easier. We also send you communications as you onboard to a particular Service to help you become more proficient in using that Service. These communications are part of the Services and in most cases, you cannot opt out of them. If an opt out is available, you will find that option within the communication itself or in your account settings.

To market, promote and drive engagement with the Services: We use your contact information and information about how you use the Services to send promotional communications that may be of specific interest to you, including by email and by displaying Controlant ads on other companies’ websites and applications, as well as on platforms like Facebook and Google. These communications are aimed at driving engagement and maximizing what you get out of the Services, including information about new features, survey requests, newsletters, and events we think may be of interest to you. We also communicate with you about new solutions offer, promotions and contests. These communications are based on the carrying out of legitimate business interests. You can control whether you receive these communications as described below under “Opt-out of communications.”

Customer support: We use your information to resolve technical issues you encounter, to respond to your requests for assistance, to analyse crash information, and to repair and improve the Services. The processing of data for customer support may be necessary for the performance of our Services, but also on our legitimate interests of analysing, repairing and improving our Services.

For safety and security: Based on our legitimate interest, we use information about you and your Service use to verify accounts and activity, to monitor suspicious or fraudulent activity and to identify violations of Service policies.

To protect our legitimate business interests and legal rights: Where required by law or where we believe it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business.

With your consent: We use information about you where you have given us consent to do so for a specific purpose not listed above. For example, we may publish testimonials or featured customer stories to promote the Services, with your permission. If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place.

How we share information we collect

We make collaboration tools for the Cold Chain, and we want them to work well for you. This means sharing information through the Services and with certain third parties.

Sharing with third parties

We share information with third parties that help us operate, provide, improve, integrate, customize, support and market our Services.

Service Providers: We may share your information with third party contractors, consultants and suppliers in relation to their work for us. We work with third-party service providers to provide IT services, analytical work, customer solutions and other consulting services relating to Controlant’s Services. If a service provider needs to access information about you to perform services on our behalf, they do so under close instruction from us, including policies and procedures designed to protect your information.

Controlant Partners: We work with third parties who provide resale, consulting and technical services to deliver and implement customer solutions around the Services. We may share your information with these third parties in connection with their services, such as to assist with billing and collections, to provide localized support, and to provide customizations. We may also share information with these third parties where you have agreed to that sharing.

Links to Third Party Sites: The Services may include links that direct you to other websites or services whose privacy practices may differ from ours. If you submit information to any of those third party sites, your information is governed by their privacy policies, not this one. We encourage you to carefully read the privacy policy of any website you visit.

Social Media Widgets: The Services may include links that direct you to other websites or services whose privacy practices may differ from ours. Your use of and any information you submit to any of those third-party sites is governed by their privacy policies, not this one.

Third-Party Widgets: Some of our Services contain widgets and social media features, such as the Twitter “tweet” button. These widgets and features collect your IP address, which page you are visiting on the Services, and may set a cookie to enable the feature to function properly. Widgets and social media features are either hosted by a third party or hosted directly on our Services. Your interactions with these features are governed by the privacy policy of the company providing it.

With your consent: We share information about you with third parties when you give us consent to do so. For example, we often display personal testimonials of satisfied customers on our public websites. With your consent, we may post your name alongside the testimonial.

Compliance with Enforcement Requests and Applicable Laws; Enforcement of Our Rights: In exceptional circumstances, we may share information about you with a third party if we believe that sharing is reasonably necessary to (a) comply with any applicable law, regulation, legal process or governmental request, including to meet national security requirements, (b) enforce our agreements, policies and terms of service, (c) protect the security or integrity of our solutions and services, (d) protect Controlant, our customers or the public from harm or illegal activities, or (e) respond to an emergency which we believe in good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person.

Sharing with affiliated companies

We share information we collect with affiliated companies and, in some cases, with prospective affiliates. This information is limited to information provided pursuant to our contract and may also include contact information, including name, company, title, email, and telephone number. Affiliated companies are companies owned or operated by us. Controlant, Inc. is located in the United States.

Affiliated companies: We share information we have about you with other Controlant corporate affiliates in order to operate and improve solutions and services and to offer other Controlant affiliated services to you.

Business Transfers: We may share or transfer information we collect under this Privacy Policy in connection with any merger, sale of company assets, financing or acquisition of all or a portion of our business to another company.

How we transfer information we collect internationally

International transfers within the Controlant Companies: To facilitate our global operations, we transfer information to either Iceland or the United States and allow access to that information from countries in which the Controlant owned or operated companies have operations for the purposes described in this policy. When we share information about you within and among Controlant corporate affiliates, we make use of standard contractual data protection clauses, which have been approved by the European Commission, and we rely on the EU-U.S. and Swiss-U.S. Privacy Shield Framework to safeguard the transfer of information we collect from the European Economic Area and Switzerland and transfer to the U.S. Please see our Privacy Shield notice below for more information or contact us as provided below.

International transfers to third parties: Some of the third parties described in this Privacy Policy, which provide services to us under contract, are based in other countries that may not have equivalent privacy and data protection laws. When we share personal data with third parties outside of the EEA, we make use of European Commission-approved standard contractual data protection clauses, or other appropriate legal mechanisms to safeguard the transfer. Please see our Privacy Shield Notice below.

How we store and secure information we collect

Information storage and security

We use data hosting service providers in the EU to host the information we collect, and we use technical measures to secure your data. For more information on security of our cloud infrastructure, please see our cloud security page.

How long we keep information

How long we keep information we collect about you depends on the type of information, as described in further detail below.

Account information: We retain your personal information for the length of time required for the specific purpose or purposes for which it was collected, plus an additional twelve (12) months, which allows you to resume use of our services without loss of data.

We may be obliged to store some data for a longer time, for example, where a longer time period is required by applicable law. In this case, we will ensure that your personal information will continue to be treated in accordance with this Privacy Policy.

Information you share on the Services: If your account is deactivated or disabled, some of your information and the content you have provided will not be deleted in order to allow your team members or other users to make full use of the Services.

Managed accounts: If the Services are made available to you through an organization (e.g., your employer), we retain your information as long as required by the administrator of your account. For more information, see “Managed accounts and administrators” above.

Marketing information: If you have elected to receive marketing emails from us, we retain information about your marketing preferences for a reasonable period of time, up to two (2) years, from the date you last expressed interest in our Services, such as when you last opened an email from us or ceased using your Controlant account. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created. For more information, please see our Cookies and Tracking Notice, which includes information on how to control or opt out of these cookies and tracking technologies.

How to access and control your information

Controlant is committed to ensuring your rights under Data Protection Law.

You have the right to access the personal data we collect about you and to be informed about the purpose of its collection. You may also be entitled to a copy of the personal data undergoing processing. Furthermore, you may under certain circumstances and where technically feasible, have the right to request your information in a structured, electronic format and have the information transferred to a third party.

You may also have the right to request us to restrict the processing of your personal data, for example if you object to its processing, but prefer the data not to be erased.

If the processing of your personal data is based on Controlant’s legitimate interests, you have the right to object to the processing, following which we must stop the processing unless we demonstrate a compelling legitimate ground for the processing which override your interests.

In certain instances, you have the right to have your personal data erased, such as where the data is no longer necessary in relation to the purpose for which they were collected or otherwise processed, or if you withdraw your consent.

Your rights to access, erasure, restriction and portability of data are however not absolute. In those instances where we cannot accept your request, we will inform you of the reasons why, subject to any legal or regulatory restrictions.

You can exercise some of these rights by logging into the Services and using settings available within the Services or your account. Where the Services are administered for you by an administrator (see “Notice to End Users” below), you may need to contact your administrator to assist with your requests first.
For all other requests, you may contact us as provided in the Contact Us section below to request assistance.

Other important privacy information

Notice to End Users

Many of our Services are intended for use by organizations. Where the Services are made available to you through an organization (e.g. your employer), that organization is the administrator of the Services, and the controller of the personal data, and is as such responsible for the accounts and/or Service sites over which it has control. If this is the case, please direct your data privacy questions to your administrator, as your use of the Services is subject to that organization’s policies. We are not responsible for the privacy or security practices of an administrator’s organization, which may be different than this policy.

Please contact your organization or refer to your administrator’s organizational policies for more information.

Changes to our Privacy Policy

We may change this Privacy Policy from time to time. We will post all changes on this page and, if the changes are significant, we will provide a more prominent notice by adding a notice on the Services homepages, login screens or by sending you an email notification. If you disagree with any changes to this Privacy Policy, you will need to stop using the Services and deactivate your account(s), as outlined above.

Contact Us

If you have questions or concerns about how your information is handled, please direct your inquiry to legal@controlant.com or the following address:

Controlant ehf Grensasvegur 7 108 Reykjavik, Iceland

If you are unsatisfied with our response, you are entitled to make a written submission to the respective data protection authorities, including the Icelandic Data Protection Authority

close
close