Login
Register

Privacy Policy

Privacy Policy
Effective Date: November 6, 2025

This Privacy Policy describes how SiteTrax, Inc. (“SiteTrax, Inc.,” “we,” “us,” or “our”) collects, uses, discloses, and safeguards personal and organizational data through its software-as-a-service offering, SiteTrax.io. SiteTrax, Inc. provides computer vision and machine learning technologies to enterprise customers that monitor publicly visible supply chain assets.

1. Scope and Applicability

This policy applies to:

  • Visitors to SiteTrax.io and affiliated websites;

  • Users of SiteTrax.io under a subscription agreement;

  • Enterprise customer administrators and end users whose content or contact details are submitted through our services.

This Privacy Policy does not apply to third-party platforms or software integrated by customers or end users, nor does it govern the privacy practices of our customers.

2. Role of SiteTrax, Inc.

  • Data Processor: For customer-submitted images, video, and associated metadata processed through SiteTrax.io, SiteTrax, Inc. acts as a data processor, processing data solely on behalf of and under the instruction of enterprise customers.

  • Data Controller: For business contact information submitted by enterprise representatives (e.g., sales inquiries, billing contacts), SiteTrax, Inc. acts as a controller.

3. Types of Data Collected

A. Customer Content (Processor Role)

  • Images and video of publicly visible assets (e.g., intermodal containers, trailers)

  • Sensor, GPS, and metadata associated with those captures

  • User-submitted feedback on image quality, asset classification, or data accuracy

B. Business Contact Data (Controller Role)

  • Names, titles, and work email addresses of enterprise contacts

  • Login credentials, IP address, browser/device info for account security

  • Billing and usage information for contractual fulfillment

4. Use of Customer Content for Model Improvement

SiteTrax.io incorporates user-submitted Feedback Content (e.g., good/bad capture indicators, label corrections, new asset type requests) to improve detection and classification models. This data:

  • Is limited to assets that are publicly visible by nature (e.g., containers, signage)

  • Is de-identified where feasible and used to train and validate models for both the submitting customer and others

  • May be retained in anonymized or pseudonymized form to support reproducibility, versioning, and auditability of models

Enterprise customers may request to:

  • Limit use of their feedback to customer-specific model instances

  • Disable feedback-based model training altogether via administrative settings or contract terms

SiteTrax, Inc. does not use customer content beyond feedback submissions for model training without explicit written instruction as outlined in the SiteTrax.io Terms of Service at https://www.sitetrax.io/tos.

5. How We Use Information (Controller Role)

SiteTrax, Inc. uses business contact and usage data to:

  • Operate and support the SiteTrax.io platform

  • Send service-related notifications, alerts, and operational updates

  • Manage billing, subscription, and account lifecycle activities

  • Respond to enterprise requests or legal/regulatory inquiries

We do not sell personal data or use it for third-party advertising.

6. Data Sharing and Subprocessors

We may share personal information:

  • With authorized subprocessors who support hosting, infrastructure, support, or analytics under strict confidentiality and data processing agreements

  • With legal authorities if required by subpoena, court order, or applicable law

  • As part of a merger, acquisition, or business restructuring

A current list of subprocessors and their purposes is available to enterprise customers upon request via support@sitetrax.io.

7. Security and ISO 27001 Alignment

SiteTrax, Inc. implements administrative, technical, and physical safeguards consistent with ISO 27001 security controls, including:

  • Role-based access controls

  • Data encryption in transit and at rest

  • Logging and monitoring

  • Regular vulnerability assessments and incident response protocols

In the event of a data breach involving your content, SiteTrax, Inc. will notify affected customers promptly and in accordance with legal obligations.

8. Data Retention

  • Customer content is retained only as long as necessary to provide the services and fulfill contractual obligations.

  • Feedback content used for model training is retained for versioning and reproducibility, unless an opt-out is enacted.

  • Business contact data is retained to meet legal, financial, and operational obligations.

9. Rights and Choices

Subject to U.S. state privacy laws (e.g., CPRA, VCDPA, CPA), enterprise contacts and authorized users may have rights to:

  • Access, correct, or delete personal information

  • Opt out of data sale (not applicable, as we do not sell data)

  • Limit processing of sensitive personal data (none collected)

Requests should be directed to: support@sitetrax.io

10. Cross-Border Transfers

Customer data is primarily processed in the United States. SiteTrax, Inc. ensures adequate safeguards for international data transfers where applicable.

11. Changes to This Policy

We may update this policy to reflect legal, operational, or technical changes. We will notify customers of material updates via the SiteTrax.io dashboard or direct email.

12. Contact

If you have any questions or requests, contact:

SiteTrax, Inc.
4855 Brookside Ct, Ste B
Norfolk, VA 23502
Email: support@sitetrax.io