Privacy Policy

Cart IoT ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our mobile application, use our products, or engage with our services. Please read this policy carefully. By accessing or using our services, you agree to the terms of this Privacy Policy.

Information We Collect

We may collect personal information that you voluntarily provide to us when you express an interest in obtaining information about us or our products and services, when you participate in activities on our website, or otherwise when you contact us. The personal information we collect may include:

• Contact Information: Name, email address, phone number, mailing address, and company or organization name.
• Account Information: Username, password, and account preferences for registered dealers and administrators.
• Device and Usage Data: IoT device telemetry, charging data, temperature readings, and operational metrics transmitted by Cart IoT hardware.
• Transaction Information: Purchase history, payment method details (processed securely through third-party payment processors), and billing information.
• Technical Data: IP address, browser type, operating system, referring URLs, and browsing behavior on our website collected through cookies and similar technologies.
• Mobile App Data: When you use the Cart IoT mobile app, we may collect:
  • Authentication credentials stored securely on your device using Apple Keychain
  • Device telemetry received in real-time (battery status, temperature, charging state)
  • Photos you choose to attach to maintenance records, uploaded to our cloud storage
  • Bluetooth device information during hardware setup and provisioning
  • WiFi network credentials you provide during device setup (transmitted directly to your Cart IoT hardware via Bluetooth, not stored on our servers)
• Third-Party Authentication: If you sign in using Google, we receive basic profile information (email address) from Google. Google's use of your data is governed by Google's Privacy Policy.
• Camera and Location: The app may request camera access for QR code scanning and location access for Bluetooth device discovery. Location data is not stored or transmitted to our servers.

How We Use Your Information

We use the information we collect for various business purposes, including:

• Providing, operating, and maintaining our products, services, and website.
• Processing transactions and sending related information, including purchase confirmations and invoices.
• Monitoring IoT device performance and generating safety alerts to protect your fleet and property.
• Communicating with you about products, services, promotions, and events, and providing customer support.
• Analyzing usage trends and improving the functionality, reliability, and user experience of our products and services.
• Detecting, preventing, and addressing technical issues, fraud, or security concerns.
• Complying with legal obligations and enforcing our terms and policies.

Information Sharing

We do not sell, rent, or trade your personal information to third parties. We may share your information in the following circumstances:

• Service Providers: We may share your information with trusted third-party vendors and service providers who assist us in operating our website, processing payments, delivering products, or conducting our business, subject to confidentiality obligations.
• Authorized Dealers: If you submit a lead or request information through our dealer network, we may share your contact details with the assigned dealer to facilitate your inquiry.
• Legal Requirements: We may disclose your information where required by law, regulation, legal process, or governmental request.
• Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction.
• Cloud Infrastructure: We use ThingsBoard for IoT device management and Google Firebase for image storage. These providers process data on our behalf under contractual obligations.
• Authentication Providers: If you use Google Sign-In, Google receives and processes authentication data per their privacy policy.

Data Retention and Deletion

We retain your personal information for as long as your account is active or as needed to provide services. You may request deletion of your account and associated data by contacting us at privacy@cartiot.com. Upon account deletion, we will remove your personal data within 30 days, except where retention is required by law.

Data Security

We implement appropriate technical and organizational security measures designed to protect your personal information from unauthorized access, alteration, disclosure, or destruction. These measures include encryption of data in transit and at rest, access controls, regular security assessments, and secure cloud infrastructure. However, no method of transmission over the Internet or electronic storage is completely secure, and we cannot guarantee absolute security.

Children's Privacy

Our services are not directed to individuals under the age of 13. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us at privacy@cartiot.com.

Contact Information

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you via email or a prominent notice on our website. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our services after any modifications indicates your acceptance of the updated Privacy Policy.