Privacy Policy
Last updated: April 2026
1. Data Protection Officer
Karoid has designated a data protection officer. For questions or requests regarding access, correction, or deletion:
2. Personal Information Collected
- Identification data: name, email, user ID
- Driving data: GPS location, speed, acceleration, braking, turning behaviors, trip timestamps
- Application usage data: frequency of use, coaching feature interactions, driving scores, achieved objectives, ranking position
- Technical data: device type, operating system, app version, diagnostic logs
3. Purpose of Collection
Personal information is collected for: providing personalized coaching service, analyzing driving behavior and generating scores/recommendations, tracking individual driver progression, supporting gamification features (rankings, challenges, rewards), providing aggregated performance reports to employer fleet managers, improving the app and developing new features, and ensuring technical support.
4. Consent
Collection and use of your personal information is based on your free, informed and specific consent obtained during app registration. Participation is voluntary; you may withdraw consent by uninstalling the app or contacting [email protected]. Withdrawal results in data collection cessation and deletion upon request.
5. Disclosure of Information
To employer: Fleet program users' employers may access aggregated fleet performance data as outlined in project agreements.
To service providers: Third-party vendors for cloud hosting, analytics, and technical support are bound by confidentiality agreements and may only use data for specified purposes.
Karoid does not sell your personal information to third parties.
6. Data Hosting and Transfer
Personal information may be hosted by cloud service providers outside Quebec or Canada. Before transfer, Karoid conducts privacy impact assessments to ensure adequate protective measures align with Law 25.
7. Data Retention
Personal information is retained only as long as necessary for collection purposes. Maximum retention is two (2) years following app use cessation, unless legally required otherwise. After expiration, data is securely destroyed.
8. Data Security
Karoid implements reasonable technical and organizational security measures protecting against unauthorized access, loss, modification, or disclosure, including data encryption in transit and at rest, access controls, and access logging.
9. Your Rights
- Right of access: Request personal information held about you
- Right of rectification: Request correction of inaccurate or incomplete information
- Right of deletion: Request deletion of personal information, subject to legal obligations
- Right of portability: Request data in structured, commonly used format
- Right to withdraw consent: Withdraw consent anytime
Requests should be sent to [email protected]; responses provided within 30 days.
10. Anonymization and Aggregated Data
Karoid may irreversibly anonymize personal information for analysis, research, and service improvement purposes. Anonymized data cannot identify individuals. Aggregated data (trends, performance indicators, sector comparatives) allowing no identification of persons or specific enterprises may be used internally or commercially.
11. Privacy Incidents
Upon privacy incidents presenting serious harm risk, affected individuals and Quebec's Commission d'accès à l'information are notified promptly per Law 25. Privacy incident records are maintained for minimum five (5) years.
12. Policy Modifications
Policy modifications are published with updated dates. Substantial changes are communicated via email or in-app notification.
13. Applicable Law
This policy is governed by Quebec provincial law, Canada.