Privacy Policy

1. Information We Collect

We collect the following categories of information:

Account and Registration Data

When you create an account, we collect your name, email address, company name, phone number, and billing information. This information is necessary to provide the Service and process payments.

Usage and Platform Data

We collect data about how you use the Service, including log data (IP addresses, browser type, pages visited, timestamps), feature usage, API calls, and Resource Unit consumption. This helps us improve the Service and detect issues.

Customer Data

We process data that you submit to the Service in the course of your operations — including order details, driver information, vehicle data, customer contacts, and delivery records. This data belongs to you and is processed on your behalf.

Communications Data

If you contact us via email, chat, or our support system, we retain records of those communications to help resolve your enquiries and improve our support.

2. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain the Service.
• Process transactions and send billing-related communications.
• Respond to your enquiries and provide customer support.
• Send product updates, security notices, and administrative messages.
• Monitor and analyse usage patterns to improve the Service.
• Detect, prevent, and address fraud, abuse, and security incidents.
• Comply with legal obligations and enforce our Terms of Service.
• Send marketing communications where you have given consent (you may opt out at any time).

3. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA) or the United Kingdom, our legal bases for processing your personal data are:

• Contract performance — processing necessary to provide the Service under our agreement with you.
• Legitimate interests — improving the Service, preventing fraud, and communicating about relevant updates.
• Legal obligation — complying with applicable laws and regulations.
• Consent — for marketing communications and optional cookies.

4. How We Share Your Information

We do not sell your personal data. We may share your information with:

• Service providers — trusted third parties who assist us in operating the Service (e.g. cloud infrastructure providers, payment processors, email service providers). These parties are contractually bound to protect your data.
• Business transfers — in the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction. We will notify you before your data is transferred and becomes subject to a different privacy policy.
• Legal requirements — when required by law, court order, or government authority, or to protect the rights, property, or safety of Fleetbase, our customers, or the public.

5. Data Retention

We retain your account data for as long as your account is active or as needed to provide the Service. After account termination, we retain Customer Data for up to 30 days to allow you to export it, after which it is securely deleted. We may retain certain data for longer periods where required by law or for legitimate business purposes (e.g. billing records for 7 years as required by Singapore accounting regulations).

6. Data Security

We implement industry-standard security measures to protect your data, including:

• Encryption of data at rest (AES-256) and in transit (TLS 1.2+).
• Role-based access controls limiting data access to authorised personnel.
• Regular security audits and vulnerability assessments.
• Multi-factor authentication for internal systems.
• Incident response procedures for security breaches.

While we take reasonable steps to protect your data, no security system is impenetrable. In the event of a data breach affecting your personal data, we will notify you as required by applicable law.

7. International Data Transfers

Fleetbase is headquartered in Singapore. Your data may be processed in Singapore and in other countries where our service providers operate. When transferring data from the EEA or UK, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission to ensure your data receives an adequate level of protection.

8. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal data:

• Access — request a copy of the personal data we hold about you.
• Rectification — request correction of inaccurate or incomplete data.
• Erasure — request deletion of your personal data (subject to legal retention obligations).
• Portability — receive your data in a structured, machine-readable format.
• Restriction — request that we restrict processing of your data in certain circumstances.
• Objection — object to processing based on legitimate interests or for direct marketing.
• Withdraw consent — where processing is based on consent, withdraw it at any time.

To exercise any of these rights, please contact us at hello@fleetbase.io. We will respond within 30 days. If you are in the EEA, you also have the right to lodge a complaint with your local data protection authority.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies on our website to improve your experience, analyse traffic, and personalise content. You can control cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of our website. We do not use cookies to track you across third-party websites for advertising purposes.

We use PostHog for first-party product analytics: pageviews, button clicks, and aggregate usage patterns help us understand which parts of the site are useful and which are not. PostHog cookies (prefixed ph_) are stored on the .fleetbase.io domain. We never capture form field values, and session replays mask all input fields by default. Visitors in the EU, EEA, UK, and Switzerland are asked to opt in before any data is captured. You can withdraw consent at any time by clearing the fb_consent cookie or contacting us at hello@fleetbase.io. We honor the Global Privacy Control (Sec-GPC) signal globally.

10. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately at hello@fleetbase.io and we will take steps to delete it.

11. Third-Party Services

The Service may contain links to or integrations with third-party websites and services. This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party services you use in connection with Fleetbase.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on our website at least 30 days before the changes take effect. Your continued use of the Service after the effective date constitutes acceptance of the updated Policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Data Protection Officer: