Privacy Policy

Privacy Policy

Last Updated: September 16, 2022.

This Privacy Policy (“Privacy Policy or “policy”) applies to Lytx, Inc., together with its controlled affiliates and subsidiaries (collectively, “Lytx”, “we”, “us” and/or “our”), and describes our collection, use, and disclosure of personal information (“Personal Information”). This Privacy Policy applies to our collection, use, and sharing of Personal Information where such activities display or reference this policy, such as when (i) accessing or using our website(s) or the Lytx Driver application without a Lytx account or where the user is not logged in  (“Mobile App”), (ii) entering information into an online form which contains a link to this Privacy Policy, (iii) providing your Personal Information to a Lytx representative, or (iv) you otherwise provide Lytx with your Personal Information in a manner described in this Privacy Policy. This policy does not apply to any activities that display or reference a different privacy notice. 

This Privacy Policy does not apply to Personal Information we process on behalf of our clients.  Lytx services are intended for and provided to businesses and other organizations and not individual consumers.  In some cases, in providing those services, we process Personal Information of consumers at the direction of our clients. When we do, we do so as a service provider or a “data processor” to our client, but we do not control and are not responsible for the privacy practices of those organizations.  When we process Personal Information on behalf of our clients, our processing is subject to the control and instructions of such clients and as permitted in our agreements and under applicable law.  If you are a consumer end-user or employee of one of our clients, you should read that organization’s privacy statement and direct any privacy inquiries to that organization.

This Privacy Policy also does not apply to the Personal Information obtained from or related to our current and former employees, independent contractors, and applicants. Please see Lytx’s Human Capital Privacy Policy for more information related to Personal Information we process and store related to our current and former employees, independent contractors, and applicants. This Human Capital Privacy Policy also applies to any Personal Information relating to beneficiaries or emergency contacts of Lytx employees, independent contractors, or applicants.

 

Information We Collect

The Personal Information we collect depends on how you interact with us, the websites, forms, and Mobile App you use, and the choices you make.

We may collect information about you from different sources and in various ways including information you provide directly, information collected automatically, third-party data sources, and data we infer or generate from other data.

Information you provide directly. We collect Personal Information you provide to us. For example:

  • Contact Information: for example, if you express an interest in obtaining additional information about our services, request customer support, use our "Contact Us" or similar features, register to use our website and Mobile App, sign up for or attend an event or webinar, or download certain content, we generally require you to provide us with your contact information, such as your name, job title, company name, address, phone number, or email address;
  • Demographic Information: for example, in some cases, such as when you register or participate in surveys or events, we may collect age, gender, education or marital status, and similar demographic details;
  • Financial Information: for example, if you make purchases via our website or register for an event, we may also require you to provide us (or our service providers who provide payment processing services) with financial information and billing information, such as billing name and address, credit card number, or bank account information;
  • Records, Content and Files: for example if you contact us via telephone, chat, or email, we will collect and retain those communications (or records relating to those communications) or if you participate in a survey we may collect information you submit related to your use of our website and Mobile App; or

Information we collect automatically. When you use our website and Mobile App, we collect some information automatically. For example: 

  • Identifiers and device information. When you access or use our website and Mobile App, our web servers automatically log your Internet Protocol (IP) address and information about your device, including device identifiers (such as MAC address); device type; and your device’s operating system, browser, and other software including type, version, language, settings, and configuration. As further described in the Cookies, Mobile IDs, and Similar Technologies section below, our websites and online services store and retrieve cookie identifiers, mobile IDs, and other data.
  • Geolocation data. Depending on your device and app settings, we collect precise geolocation data when you use our Mobile App.
  • Usage data. We automatically log your activity on our websites and Mobile App, including the URL of the website from which you came to our sites, pages you viewed, how long you spent on a page or in the Mobile App, access times, and other details about your use of and actions on our website and Mobile App.

Information we create or generate. We may infer new information from other data we collect, including using automated means to generate information about your likely preferences or other characteristics (“inferences”). For example, we may infer your general geographic location (such as city, state, and country) based on your IP address.

 

Cookies, Mobile IDs, and Similar Technologies

We use cookies, web beacons, mobile analytics and advertising IDs, and similar technologies to operate our websites and online services and to help collect data, including usage data, identifiers, and device information.

What are cookies and similar technologies?

Cookies are small text files placed by a website and stored by your browser on your device. A cookie can later be read when your browser connects to a web server in the same domain that placed the cookie. The text in a cookie contains a string of numbers and letters that may uniquely identify your device and can contain other information as well. This allows the web server to recognize your browser over time, each time it connects to that web server.

Web beacons are electronic images (also called single-pixel or clear GIFs) that are contained within a website or email. When your browser opens a webpage or email that contains a web beacon, it automatically connects to the web server that hosts the image (typically operated by a third party). This allows that web server to log information about your device and to set and read its own cookies. In the same way, third-party content on our websites (such as embedded videos, plug-ins, or ads) results in your browser connecting to the third-party web server that hosts that content. We also include web beacons in our email messages or newsletters to tell us if you open and act on them.

Mobile analytics and advertising IDs are generated by operating systems for mobile devices (iOS and Android) and can be accessed and used by apps in much the same way that websites access and use cookies. Our apps contain software that enables us and our third-party analytics partners to access the mobile IDs.

How do we and our partners use cookies and similar technologies?

We, and our analytics partners, use these technologies in our websites, and Mobile App to collect Personal Information (such as the pages you visit, the links you click on, and similar usage information, identifiers, and device information) when you use our services, including Personal Information about your online activities over time and across different websites or online services. This information is used to store your preferences and settings, enable you to sign-in, analyze how our websites and apps perform, track your interaction with the site or app, develop inferences, combat fraud, and fulfill other legitimate purposes. We and our analytics and advertising partners may use these technologies on our website to collect, use, disclose and store Personal Information to tailor and deliver interest-based advertising.  We and/or our partners also disclose the information we collect or infer with third parties for these purposes.

What controls are available?

These choices are specific to the browser you are using. If you access our services from other devices or browsers, take these actions from those systems to ensure your choices apply to the data collected when you use those systems.

  • Browser cookie controls. Most web browsers are set to accept cookies by default. If you prefer, you can go to your browser settings to learn how to delete or reject cookies. If you choose to delete or reject cookies, this could affect certain features or services of our website. If you choose to delete cookies, settings and preferences controlled by those cookies, including advertising preferences, may be deleted and may need to be recreated.
  • Mobile advertising ID controls. iOS and Android operating systems provide options to limit tracking and/or reset the advertising IDs.
  • Email web beacons. Most email clients have settings which allow you to prevent the automatic downloading of images, including web beacons, which prevents the automatic connection to the web servers that host those images.
  • Do Not Track. Some browsers have incorporated "Do Not Track" (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Because there is not a common understanding of how to interpret the DNT signal, our websites do not currently respond to browser DNT signals. Instead, you can use the range of other tools to control data collection and use, including the cookie controls and advertising controls described above.
 

California “Do Not Sell My Personal Information”

The California Consumer Protection Act (“CCPA”) requires us to describe the categories of Personal Information we sell to third parties and how to opt-out of future sales. The CCPA defines Personal Information to include online identifiers, including IP addresses, cookies IDs, and mobile IDs. The law also defines a “sale” broadly to include simply making data available to third parties in some cases.  We let advertising and analytics providers collect IP addresses, cookie IDs, and mobile IDs, along with associated device and usage data, when you access our online services, but we do not “sell” any other Personal Information.

If you do not wish for us or our partners to “sell” Personal Information relating to your visits to our sites for advertising purposes, you can make your Do Not Sell Request by emailing us or using the choices above in the previous section “What controls are available?” If you opt-out using these choices, we will not disclose or make available such Personal Information in ways that are considered a “sale” under the CCPA.  However, we will continue to make available to our partners (acting as our service providers) some Personal Information to help us perform advertising-related functions. Further, using these choices will not opt you out of the use of previously “sold” Personal Information or stop all interest-based advertising. 

 

Our Use of Personal Information

We use the Personal Information we collect for purposes described in this Privacy Policy or otherwise disclosed to you. For example, we use Personal Information for the following purposes:

  • Operating our website and Mobile App: We process Personal Information to provide, operate and administer our website and Mobile App and to provide you with content you access and request (e.g., download of certain content from our website and Mobile App);
  • Analyzing and monitoring our website and Mobile App: We process Personal Information to analyze overall trends, to help us provide and improve our website and Mobile App and assess whether they are functioning properly;
  • Promoting security of our website and Mobile App: We process Personal Information to monitor use of our website and Mobile App, create aggregated, de-identified information, verify accounts and activity, secure our systems, detect and prevent fraudulent or illegal activities, and enforcement of our terms and policies, to the extent this is necessary for the purpose of our legitimate interests in promoting the safety and security of the systems and application used for our website and Mobile App, and protecting our rights and the rights of others;
  • Handling contact and user support requests: If you fill out a “Contact Us” web form, request user support, or if you contact us by other means, we process Personal Information for the performance of our contract with you and to the extent it is necessary for the purpose of our legitimate interests to fulfill your request and communicate with you;
  • Managing event registrations and attendance: We will process your Personal Information to plan and host events, conferences, or webinar, including related communication with you;
  • Business Operations: We process Personal Information to operate our business, such as billing, accounting, improving our internal operations, and meeting our legal obligations. For example, if you have provided financial information, Lytx, or its service provider, will process your respective Personal Information to check the financial qualifications and collect payments to the extent this is necessary for completing transaction with you under the purchase order submitted by you;
  • Providing Mobile App Services: If you have installed and use our Mobile App, you provide us with GPS location information which is required to provide you with our Route Risk program. We also use other electronic information received from your mobile device to send updates to the Mobile App that includes driver safety tips.
  • Developing and improving our website and Mobile App: We process Personal Information to analyze trends, track your usage of our website and Mobile App and measure interactions with emails to the extent this is necessary for our legitimate interests to develop and improve our website and Mobile App and to provide our users with more relevant and interesting content;  
  • Displaying personalized advertisements and content: We process Personal Information to conduct marketing research, advertise to you, provide personalized information about us on and off our website and Mobile App, and provide other personalized content based upon your activities and interests to the extent it is necessary for our legitimate interests to advertise our website and Mobile App or, where necessary, to the extent you have provided your prior separate consent;
  • Sending business communications: We process Personal Information to send you information, including confirmations, invoices, technical notices, updates, security alerts, and support and administrative messages
  • Sending marketing communications: We process Personal Information to send you marketing information, product recommendations and other non-transactional communications (e.g., marketing newsletters, SMS, or push notifications) about us and our affiliates and partners, including information about our products, promotions or events as necessary to conduct direct marketing.
 

Our Disclosure of Personal Information

We disclose Personal Information with your consent or as necessary to complete your transactions or provide the website and Mobile App you have requested or authorized. For example, when you provide payment data to make a purchase, we will disclose that data with banks and other entities as necessary for payment processing, fraud prevention, credit risk reduction, or other related financial services.

In addition, we disclose the categories of Personal Information described above for the following business purposes:

  • Vendors and Agents. We disclose Personal Information with our vendors and agents who provide services on our behalf such as IT and system administration and hosting, financial services and payment card processing, research and analytics, marketing, customer support.. If you access and use our website or Mobile App to register for an event or webinar, we may disclose your Personal Information with the entity responsible for organizing and/or managing the event to the extent this is necessary to process your registration and ensure your participation in the event. In individual cases we may also disclose Personal Information with professional advisers acting as processors or joint controllers including lawyers, bankers, auditors and insurers based in countries in which we operate who provide consultancy, banking, legal, insurance and accounting services; subsidiaries and affiliates. We enable access to Personal Information across our subsidiaries, affiliates, and related companies, for example, where we disclose common data systems or where access is needed to provide our services and operate our business.  We may disclose your Personal Information with other affiliates to the extent this is necessary to fulfill a request you have submitted via our website and Mobile App, or for customer support, marketing, technical operations, or account management purposes;
  • Corporate Transactions. If we are involved in a merger, acquisition, reorganization or bankruptcy, sell a website or Mobile App, or business unit, or if all or a portion of our business, assets or stock are sold to or acquired by another company, we may transfer some or all of your Personal Information to such third party; or
  • Public Information. You may select options through our website (e.g. forums, blogs, or chat rooms) or Mobile App to publicly display and disclose Personal Information, such as your name or user name and certain other information which may be read, collected, and/or used by others who can view the information.
  • Legal and law enforcement. We will access, disclose, and preserve Personal Information when we believe that doing so is necessary to comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies.
  • Security, Safety, and Protecting Rights. We will disclose Personal Information if we believe it is necessary to:
    • protect our clients and others, for example to prevent spam or attempts to commit fraud, or to help prevent the loss of life or serious injury of anyone;
    • operate and maintain the security of our services, including to prevent or stop an attack on our computer systems or networks; or protect the rights or property or ourselves or others, including enforcing our agreements, terms, and policies.

Third party analytics and advertising companies also collect Personal Information through our website, forms,  and Mobile App including identifiers and device information (such as cookie IDs, device IDs, and IP address), geolocation data, usage data, and inferences based on and associated with that data, as described in the Cookies section of this statement. For example, we use Google Analytics on our website to help us understand how users interact with our website; you can learn how Google collects and uses information at www.google.com/policies/privacy/partners. These third-party companies may combine this data across multiple sites to improve analytics for their own purpose and others.

Please note that some of our services include integrations, references, or links to services provided by third parties whose privacy practices differ from ours. If you provide Personal Information to any of those third parties, or allow us to disclose Personal Information with them, that data is governed by their privacy statements.

Data collected from or about you may be used and disclosed in an aggregate form, that is, as a statistical measure, and not in a form that would reasonably allow anyone to identify you.

Your Privacy Rights: Choice and Control of Personal Information

You may have certain rights regarding your Personal Information, subject to your local privacy and data protection laws.

EUROPEAN UNION, SWISS, AND UNITED KINGDOM DATA PROTECTION RIGHTS

  • If the processing of Personal Information about you is subject to European Union, Swiss or United Kingdom data protection laws or subject to laws of other countries which permit similar rights, you have certain rights with respect to that data: to request access your Personal Information processed by us and receive copies of that information (right to access);
  • to rectify inaccurate Personal Information and ensure it is complete (right to rectification);
  • to request erasure or deletion of your Personal Information to the extent permitted by other legal obligations (right to erasure; right to be forgotten);
  • to restrict our processing of your Personal Information (right to restriction of processing);
  • to transfer your Personal Information to another controller to the extent possible (right to data portability);
  • to object to any processing of your Personal Information carried out on the basis of our legitimate interests (right to object). Where we process your Personal Information for direct marketing purposes or disclose it with third parties for their own direct marketing purposes, you can exercise your right to object at any time to such processing without having to provide any specific reason for such objection;
  • not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects ("Automated Decision-Making"); Automated Decision-Making is not currently implemented as part of our website and Mobile App;
  • to the extent we base the collection, processing and sharing of your Personal Information on your consent, to withdraw your consent at any time, without affecting the lawfulness of the processing based on such consent before its withdrawal; and
  • for residents of France, you can send us specific instructions regarding the use of your Personal Information after your death.

To make such requests or contact our Data Protection Officer, please use the contact information at the bottom of this statement.  When we are processing data on behalf of another party that is the “data controller,” you should direct your request to that party.  You also have the right to lodge a complaint with a supervisory authority, but we encourage you to first contact us with any questions or concerns.

We rely on different lawful bases for collecting and processing Personal Information about you, for example, with your consent and/or as necessary to provide the services you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfil other legitimate interests.

CALIFORNIA PRIVACY RIGHTS

If you are a California resident and the processing of personal information about you is subject to the California Consumer Privacy Act (“CCPA”), you have certain rights with respect to that information:

  • Right to Know. You have a right to request that we disclose to you the Personal Information we have collected about you.  You also have a right to request additional information about our collection, use, disclosure, or sale of such Personal Information.  Note that we have provided much of this information in this Privacy Policy;
  • Right to Request Deletion. You also have a right to request that we delete Personal Information under certain circumstances, subject to a number of exceptions;
  • Right to Opt-Out. You have the right to opt-out of the sale of your Personal Information, which is described in more detail in the above California “Do Not Sell My Personal Information” section;
  • Right to Non-Discrimination. You have the right to not receive discriminatory treatment because you exercised any of your privacy rights; and
  • Right to Designate an Agent. You have the right to designate an authorized agent to make requests under the California Consumer Privacy Act. Before accepting such a request from an agent, we will require the agent to provide proof you have authorized it to act on your behalf, and we may need you to verify your identity directly with us..  Right to Privacy Notice: You have the right to receive notice of our privacy practices at or before collection of personal information.

We do not knowingly sell Personal Information of minors under 16 years of age.

How to Exercise Your Rights under CCPA

To exercise your rights, please contact us using one of the methods provided in the “Contact” section below. 

To provide or delete specific pieces of personal information, we will need to verify the identity of the requestor to the degree of certainty required by law. We will verify your request by requesting that you (or your agent) submit your name and email address, as well as confirm access to such email address from your email account, to process your request.  Lytx will comply with the applicable privacy and data protection laws and the exercising of your rights under such laws, however please note that such rights specified above are not absolute, and exemptions may be applicable. Lytx may also process Personal Information in the role of a processor or service provider on behalf of Lytx clients’ use of Lytx services. If your Personal Information has been submitted to us in connection with Lytx’s provision of services to a client (including services accessed by signing into the Lytx Driver application), and you wish to exercise any rights you may have under applicable data protection laws, please inquire with the specific client directly. If you are an employee of a Lytx client, please contact your company’s system administrator for assistance exercising your rights under applicable law.

Preferences for Marketing Communications

If we process your Personal Information for the purpose of sending you marketing communications, you may manage your receipt of marketing and non-transactional communications from us by clicking on the “unsubscribe” link located on the bottom of our marketing emails, by replying or texting ‘STOP’ if you receive SMS communications, or by turning off push notifications on our apps on your device. Additionally, you may unsubscribe here or by contacting us using the information in the “Contact" section below. Please note that opting-out of marketing communications does not opt you out of receiving important business communications related to your current relationship with us, such as information about your subscriptions or event registrations, service announcements or security information.

 

RETENTION OF PERSONAL DATA 

We retain personal data for as long as necessary to provide the features and functionality of our website and Mobile App and fulfill the transactions you have requested, comply with our legal obligations, resolve disputes, enforce our agreements, and other legitimate and lawful business purposes. Because these needs can vary for different data types in the context of different services, actual retention periods can vary significantly based on criteria such as user expectations or consent, the sensitivity of the data, the availability of automated controls that enable users to delete data, and our legal or contractual obligations.

Security

We take reasonable and appropriate steps to help protect Personal Information from unauthorized access, use, disclosure, alteration, and destruction. 

International Transfer of Information Collected

Personal Information we collect may be stored and processed in your country or region, or in any other country where we or our affiliates, subsidiaries, or service providers maintain facilities. Currently, we primarily use data centers in the United States, United Kingdom, and Germany. The storage location(s) are chosen to operate efficiently and improve performance. We take steps designed to ensure that the Personal Information we collect under this Privacy Policy is processed and protected according to the provisions of this policy and applicable law wherever the data is located.

Location of Processing European Personal Data. We transfer personal data from the European Economic Area (EEA), United Kingdom (UK), and Switzerland to other countries, some of which have not been determined by the European Commission to have an adequate level of data protection. When we do so, we use legal mechanisms, including contracts, to help ensure your rights and protections. To learn more about the European Commission’s decisions on the adequacy of personal data protections, please visit: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en.

External Links

Our website and Mobile App may include integrations, references, or links to services provided by third parties whose privacy practices differ from ours. If you provide Personal Information to any of those third parties, or allow us to disclose personal information with them, that information is governed by their privacy statements.

Other Legal Information and Terms and Conditions

Your access and use of this website and Mobile App is further subject to the terms and conditions at https://www.lytx.com/legal-information.

A Special Note for Parents Concerning Privacy

The Lytx website and Mobile App are not intended for use by children. We do not knowingly accept Personal Information from any person under the age of 13. We ask that children (under the age of 13) do not submit any Personal Information to us.  

Changes to this Privacy Statement

We will update this Privacy Policy when necessary to reflect changes in our website and Mobile App, how we process Personal Information, or the applicable law. When we post changes to the Privacy Policy, we will revise the "Last Updated" date at the top of the statement.  If we make material changes to the Privacy Policy, we will provide notice or obtain consent regarding such changes as may be required by law. 

How to Contact Us

If you have a privacy question, concern, or complaint, please contact us via one of the methods provided below.

You may contact the Lytx Privacy Department directly by e-mail at privacy@lytx.com. If you prefer to contact us by mail, please send any communications to:

Lytx, Inc.

 9785 Towne Centre Drive

 San Diego, California 92121

 Attn: Chief Privacy Officer

UK General Data Protection Regulation (UK GDPR) – UK Representative

Pursuant to Article 27 of the UK GDPR, Lytx Inc. has appointed EDPO UK Ltd. as its UK GDPR Representative in the UK. You can contact EDPO UK regarding matters pertaining to the UK GDPR:

General Data Protection Regulation (GDPR) – European Representative

Pursuant to Article 27 of the General Data Protection Regulation (GDPR), Lytx Inc. has appointed European Data Protection Office (EDPO) as its GDPR Representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR: