Your privacy is important to us, and so is being transparent about how we collect, use, and share information about the users of our services (also referred to as “you”). This Privacy Notice is intended to help you understand:
Controlant (also referred to as “we” and “us”, as applicable) offers cloud solutions for Cold Chain Management, Facility Monitoring, and Vehicle and Route Monitoring. We refer to all these solutions, together with our other services and websites, as “Services” in this Privacy Notice. We are committed to complying with applicable data protection legislation at all times. This Privacy Notice is based on the General Data Protection Regulation EU 2016/679 and the Icelandic Parliament’s Act 90/2018 on Data Protection and Processing of Personal Data, as Controlant is established in Iceland (collectively referred to as “Data Protection Law”). This Privacy Notice covers the information we collect about you when you use our Services, or otherwise interact with us (for example, by attending our events), unless a different notice is displayed. Controlant, we and us refers to Controlant hf., Controlant, Inc. and any of our corporate affiliates and subsidiaries. This Privacy Notice also explains how you can exercise your rights under Data Protection Law, including how you can object to certain uses of your personal data and how you can access and update your data.
We process data relating to our customers as a controller, as defined under Data Protection Law. Where the Services are made available to you through an organization (e.g. your employer), that organization is the administrator of the Services and is responsible for the accounts and/or Service sites over which it has control. Under these circumstances, the administrator acts as a controller and Controlant as a processor.
We collect information about you when you provide it to us, when you use our Services and when other sources provide it to us, as further described below.
Account and Profile Information: We collect information about you when you register for an account, create or modify your user profile, or set preferences through the Services. For example, you or your administrator provide your contact information when you register for the Services. The data collected may include your full name, email address, phone number and company. You also have the option of adding details to your profile information to be displayed in our Services. We also collect information about the teams and people you work with.
We collect information about you when you use websites owned or operated by us, including social media or social networking websites. For example, you provide content to us when you provide feedback or when you participate in any interactive features, surveys, contests, promotions, sweepstakes, activities or events. *Information you provide through our support channels: When using our customer support channels, we will process information which you provide, such as contact information, a summary of the problem you are experiencing and any other documentation, screenshots or information that would be helpful in resolving the issue.
We keep track of certain information about you when you visit and interact with any of our Services. This information includes your IP address, the features you use, the links you click on and frequently used search terms.
We collect information about your computer, phone, tablet, or other devices you use to access the Services. This device information includes your connection type and settings when you access or use our Services. We also collect information through your device about your operating system, browser type, IP address, URLs of referring/exit pages, device identifiers, and crash data. We use your IP address and/or country preference in order to approximate your location to provide you with a better Service experience. How much of this information we collect depends on the type and settings of the device you use to access the Services.
Other users of the Services: Other users of our Services may provide contact information about you when they submit content through the Services. We also receive your email address from other Service users when they provide it in order to invite you to the Services. Similarly, an administrator may provide your contact information when they designate you as the billing or technical contact on your company’s account.
We work with a global network of partners who provide resale, consulting, implementation, training and other services around our solutions. We receive information from these partners, such as billing information, contact information, company name, what Controlant solutions you have purchased or may be interested in, evaluation information you have provided, what events you have attended and what country you are in.
We receive information about you and your activities on and off the Services from third-party partners, such as advertising and market research partners who provide us with information that you have provided to them regarding your interest in and engagement with our Services and online advertisements. This information would include your name, company name, your title, and email address.
How we use the information we collect depends in part on which Services you use, how you use them, and any preferences you have communicated to us. Below are the specific purposes for which we use the information we collect about you and on what legal basis the data is processed.
We use information that is necessary for us to provide the Services, including to process transactions with you, authenticate you when you log in, provide customer support, send you necessary communications relating to the Services, such as transactional communications, and to operate and maintain the Services.
We may use your information to further our legitimate interests of optimizing your user experience. This may include sending you information that we think is relevant to your job function as well as tailored communications based on your activity and interactions with our Services. You can always opt out of receiving notifications which are not an essential part of the Services.
We may use collective learnings about how people use our Services and feedback provided directly to us to troubleshoot and to identify trends, usage, activity patterns and areas for integration and improvement of the Services. This is based on our legitimate interest of making our Services smarter, faster, secure, integrated and useful to you. In some cases, we apply these learnings across our Services to improve and develop similar features or to better integrate the services you use.
We use your contact information to send transactional communications via email and within the Services, including confirming your purchases, reminding you of subscription expirations, responding to your comments, questions and requests, providing customer support, and sending you technical notices, updates, security alerts, and administrative messages. We send you email notifications when you or others interact with you on the Services. We also provide tailored communications based on your activity and interactions with us. For example, certain actions you take in the Services may automatically trigger an email communicating a suggestion within the Services that would make that task easier. We also send you communications as you onboard to a particular Service to help you become more proficient in using that Service. These communications are part of the Services and in most cases, you cannot opt out of them. If an opt out is available, you will find that option within the communication itself or in your account settings.
We use your contact information and information about how you use the Services to send promotional communications that may be of specific interest to you, including by email and by displaying Controlant ads on other companies’ websites and applications, as well as on platforms like Facebook and Google. These communications are aimed at driving engagement and maximizing what you get out of the Services, including information about new features, survey requests, newsletters, and events we think may be of interest to you. We also communicate with you about new solutions offer, promotions and contests. These communications are based on the carrying out of legitimate business interests. You can control whether you receive these communications as described below under “Opt-out of communications.”
We use your information to resolve technical issues you encounter, to respond to your requests for assistance, to analyze crash information, and to repair and improve the Services. The processing of data for customer support may be necessary for the performance of our Services, but also on our legitimate interests of analyzing, repairing and improving our Services.
Based on our legitimate interest, we use information about you and your Service use to verify accounts and activity, to monitor suspicious or fraudulent activity and to identify violations of Service policies.
Where required by law or where we believe it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business.
We use information about you where you have given us consent to do so for a specific purpose not listed above. For example, we may publish testimonials or featured customer stories to promote the Services, with your permission. If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place.
We make collaboration tools for the Cold Chain, and we want them to work well for you. This means sharing information through the Services and with certain third parties.
We share information with third parties that help us operate, provide, improve, integrate, customize, support and market our Services.
We may share your information with third party contractors, consultants and suppliers in relation to their work for us. We work with third-party service providers to provide IT services, analytical work, customer solutions and other consulting services relating to Controlant’s Services. If a service provider needs to access information about you to perform services on our behalf, they do so under close instruction from us, including policies and procedures designed to protect your information.
We work with third parties who provide resale, consulting and technical services to deliver and implement customer solutions around the Services. We may share your information with these third parties in connection with their services, such as to assist with billing and collections, to provide localized support, and to provide customizations. We may also share information with these third parties where you have agreed to that sharing.
The Services may include links that direct you to other websites or services whose privacy practices may differ from ours. If you submit information to any of those third-party sites, your information is governed by their privacy policies, not this one. We encourage you to carefully read the privacy notice of any website you visit.
The Services may include links that direct you to other websites or services whose privacy practices may differ from ours. Your use of and any information you submit to any of those third-party sites is governed by their privacy policies, not this one.
We share information about you with third parties when you give us consent to do so. For example, we often display personal testimonials of satisfied customers on our public websites. With your consent, we may post your name alongside the testimonial.
In exceptional circumstances, we may share information about you with a third party if we believe that sharing is reasonably necessary to (a) comply with any applicable law, regulation, legal process or governmental request, including to meet national security requirements, (b) enforce our agreements, policies and terms of service, (c) protect the security or integrity of our solutions and services, (d) protect Controlant, our customers or the public from harm or illegal activities, or (e) respond to an emergency which we believe in good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person.
We share information we collect with affiliated companies and, in some cases, with prospective affiliates. This information is limited to information provided pursuant to our contract and may also include contact information, including name, company, title, email, and telephone number. Affiliated companies are companies owned or operated by us. Controlant, Inc. is located in the United States.
Affiliated companies: We share information we have about you with other Controlant corporate affiliates in order to operate and improve solutions and services and to offer other Controlant affiliated services to you.
Business Transfers: We may share or transfer information we collect under this Privacy Notice in connection with any merger, sale of company assets, financing or acquisition of all or a portion of our business to another company.
To facilitate our global operations, we transfer information to either Iceland or the United States and allow access to that information from countries in which the Controlant owned or operated companies have operations for the purposes described in this notice. When we share information about you within and among Controlant corporate affiliates, we follow our data transfer agreement between Controlant companies, to safeguard the transfer of information we collect from the European Economic Area and Switzerland and transfer to the U.S.
Some of the third parties described in this Privacy Notice, which provide services to us under contract, are based in other countries that may not have equivalent privacy and data protection laws. When we share personal data with third parties outside of the EEA, we make use of European Commission-approved standard contractual data protection clauses, or other appropriate legal mechanisms to safeguard the transfer.
We use data hosting service providers in the EU to host the information we collect, and we use technical measures to secure your data. For more information on security of our cloud infrastructure, please see our Cloud Security page.
How long we keep information we collect about you depends on the type of information, as described in further detail below.
We retain your personal information for the length of time required for the specific purpose or purposes for which it was collected, plus an additional twelve (12) months, which allows you to resume use of our services without loss of data. We may be obliged to store some data for a longer time, for example, where a longer time period is required by applicable law. In this case, we will ensure that your personal information will continue to be treated in accordance with this Privacy Notice.
Information you share on the Services: If your account is deactivated or disabled, some of your information and the content you have provided will not be deleted in order to allow your team members or other users to make full use of the Services.
If the Services are made available to you through an organization (e.g., your employer), we retain your information as long as required by the administrator of your account. Marketing information: If you have elected to receive marketing emails from us, we retain information about your marketing preferences for a reasonable period of time, up to two (2) years, from the date you last expressed interest in our Services, such as when you last opened an email from us or ceased using your Controlant account. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created. For more information, please see our Cookies and Tracking Notice, which includes information on how to control or opt out of these cookies and tracking technologies.
Controlant is committed to ensuring your rights under Data Protection Law. You have the right to access the personal data we collect about you and to be informed about the purpose of its collection. You may also be entitled to a copy of the personal data undergoing processing. Furthermore, you may under certain circumstances and where technically feasible, have the right to request your information in a structured, electronic format and have the information transferred to a third party. You may also have the right to request us to restrict the processing of your personal data, for example if you object to its processing, but prefer the data not to be erased. If the processing of your personal data is based on Controlant’s legitimate interests, you have the right to object to the processing, following which we must stop the processing unless we demonstrate a compelling legitimate ground for the processing which override your interests. In certain instances, you have the right to have your personal data erased, such as where the data is no longer necessary in relation to the purpose for which they were collected or otherwise processed, or if you withdraw your consent. Your rights to access, erasure, restriction and portability of data are however not absolute. In those instances where we cannot accept your request, we will inform you of the reasons why, subject to any legal or regulatory restrictions. You can exercise some of these rights by logging into the Services and using settings available within the Services or your account. Where the Services are administered for you by an administrator (see “Notice to End Users” below), you may need to contact your administrator to assist with your requests first. For all other requests, you may contact us as provided in the Contact Us section below to request assistance.
Many of our Services are intended for use by organizations. Where the Services are made available to you through an organization (e.g. your employer), that organization is the administrator of the Services, and the controller of the personal data, and is as such responsible for the accounts and/or Service sites over which it has control. If this is the case, please direct your data privacy questions to your administrator, as your use of the Services is subject to that organization’s policies. We are not responsible for the privacy or security practices of an administrator’s organization, which may be different than this notice.
Please contact your organization or refer to your administrator’s organizational policies for more information.
We may change this Privacy Notice from time to time. We will post all changes on this page and, if the changes are significant, we will provide a more prominent notice by adding a notice on the Services homepages, login screens or by sending you an email notification. If you disagree with any changes to this Privacy Notice, you will need to stop using the Services and deactivate your account(s), as outlined above.
If you have questions or concerns about how your information is handled, please direct your inquiry to email@example.com or the following address:
If you are unsatisfied with our response, you are entitled to make a written submission to the respective data protection authorities, including the Icelandic Data Protection Authority.