GDPR Compliance

General Data Protection Regulation

Last updated: March 17, 2026

EU Data Subject Rights

This page outlines your rights under the General Data Protection Regulation (GDPR) if you are located in the European Economic Area (EEA).

1. Data Controller

Track2Secure247 is the data controller responsible for your personal data. This means we determine the purposes and means of processing your personal information.

Company: Track2Secure247 Technologies (Pvt) Ltd.

Email: info@track2secure.com

2. Data Protection Officer (DPO)

We have appointed a Data Protection Officer to oversee our compliance with data protection laws.

DPO: Duncan Vusa Mathe

Email: duncanvusamathe@track2secure247.com

Phone: +263774112872

3. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

Legal Basis Application
Consent Location tracking, marketing communications, cookies (except essential)
Contract Service provision, account management, billing
Legal Obligation Fraud prevention, legal compliance, tax reporting
Legitimate Interests Service improvement, security monitoring, fraud detection

4. Your GDPR Rights

Right to Access

Request a copy of all personal data we hold about you.

Right to Rectification

Correct inaccurate or incomplete personal data.

Right to Erasure

Request deletion of your personal data ("right to be forgotten").

Right to Restriction

Limit how we process your data in certain circumstances.

Right to Data Portability

Receive your data in a machine-readable format.

Right to Object

Object to processing based on legitimate interests.

5. Withdrawing Consent

Where we rely on consent for processing (e.g., location tracking, marketing), you have the right to withdraw consent at any time:

  • Location Tracking: Disable in device settings or dashboard
  • Marketing Emails: Click unsubscribe in any email
  • Cookies: Adjust settings in our Cookie Policy

6. Data Retention Periods

Data Category Retention Period Justification
Account Information Until account deletion + 1 year Legal/Tax requirements
Location History 30 days (Standard)
1 year (Premium)		 Service provision
Payment Information 7 years Tax/Legal requirements
Communication Logs 2 years Customer service

7. International Data Transfers

We may transfer your data outside the EEA. When we do, we ensure adequate protection through:

  • EU Standard Contractual Clauses
  • Privacy Shield certification (for US transfers)
  • Adequacy decisions by the European Commission
  • Binding Corporate Rules

8. Automated Decision Making

We do not make decisions based solely on automated processing that significantly affect you. However, we use automated systems for:

  • Speed and geofence alerts
  • Fraud detection
  • Service optimization

You have the right to human intervention for any automated decision.

9. Security Measures

We implement appropriate technical and organizational measures:

  • Encryption of personal data in transit and at rest
  • Regular security assessments and penetration testing
  • Strict access controls and employee training
  • Pseudonymization where appropriate
  • 24/7 security monitoring

10. Data Breach Notification

In case of a data breach that risks your rights and freedoms:

  • We will notify the supervisory authority within 72 hours
  • We will inform affected individuals without undue delay
  • We will provide details of the breach and recommended actions

11. How to Exercise Your Rights

To exercise any of your GDPR rights, please use one of these methods:

We will respond within one month of receiving your verified request.

We may ask for identification to verify your identity.

12. Alternative Contact Methods

If you prefer not to use the online form, you can contact us directly:

Request Your Data

Download all your personal data

Request Deletion

Exercise right to be forgotten

Update Information

Correct inaccurate data