TM Tacho Manager Privacy policy

Privacy Policy

This page is based on the current capabilities, privacy controls, login flows and mobile smart-card workflows present in the Tacho Manager web app and mobile app.

1. What Tacho Manager does

Tacho Manager is a tachograph-focused platform that lets users register accounts, sign in, upload and review tachograph-related files, manage drivers and vehicles, and use a mobile app that can interact with a compatible smart-card reader to read a driver tachograph card.

2. Personal data we may process

  • Account and login data such as username, recovery email, linked Google account identifiers and related authentication session data.
  • Company or driver profile data entered during registration or administration, including company details and driver names.
  • Tachograph-related file content uploaded through the website or mobile workflow, including driver card files and vehicle files.
  • Derived operational data generated from uploaded files, such as activities, infringements, rest planning, work summary output and related compliance indicators.
  • Technical and security data needed to protect the service, such as session identifiers, rate-limiting entries, login attempt state and consent status.
  • Optional analytics data only when analytics are enabled and the visitor has granted consent.

3. How we use the data

  • To create and manage user accounts.
  • To authenticate users, including username/password and Google sign-in flows.
  • To process uploaded tachograph files and produce reports such as infringements, activities, rest planning and work summary views.
  • To support mobile smart-card workflows, including reading a driver card, saving a local copy and uploading the resulting file.
  • To maintain security, enforce rate limits, prevent misuse and keep the service available.
  • To improve the product only through optional analytics where consent is required and granted.

4. Legal bases

  • Performance of a contract or pre-contractual steps when providing the service requested by users.
  • Legitimate interests for security, fraud prevention, operational stability and service administration.
  • Consent where optional analytics cookies or similar tracking technologies are used.
  • Legal obligations where retention or disclosure is required by applicable law.

5. Google sign-in

If you choose Google sign-in, Tacho Manager may receive your Google account identifier, verified email address and basic profile information needed to authenticate or link your account. The platform uses this information to sign users in, link an existing account or complete account setup.

6. Mobile app and smart-card reader processing

The Android mobile app can work with a compatible card reader to detect the reader, request access, read a driver tachograph card, save a local file copy and upload data into the service. Files generated through that workflow are processed to provide reporting and account functionality in the web application.

Files uploaded through the service may be transmitted to the server and stored in encrypted form so they can be used for reporting, compliance analysis, downloads and account administration.

7. Cookies, local storage and consent

Tacho Manager uses session and preference technologies needed for sign-in, theme preference, mobile app handoff support and privacy consent. Optional analytics are loaded only when privacy features are enabled and consent has been granted. More detail is available in the cookie policy.

8. Security and confidentiality

Tacho Manager applies technical and organizational measures intended to protect account data and uploaded tachograph files against unauthorized access, loss, misuse or disclosure. These measures can include access controls, authentication safeguards, encrypted storage workflows and security logging.

9. Data sharing and processors

Tacho Manager may rely on infrastructure, email delivery, analytics, authentication or support providers where needed to operate the service. Data should only be shared to the extent necessary to provide the platform, protect the service, comply with law or support explicitly enabled optional features. Where processors are used, they should act under appropriate contractual and confidentiality obligations.

10. Retention and deletion

Account information, uploaded tachograph files and generated report output may be retained for as long as needed to provide the service, maintain account history, protect security or comply with applicable obligations. Retention periods can vary depending on account status, system administration needs and legal requirements.

Users can request account deletion and deletion of associated uploaded data by using the published deletion request channel or, when available, by initiating the verified deletion flow from the account profile area.

11. GDPR rights

Depending on the laws that apply to you, you may have rights to request access, correction, deletion, restriction, objection, portability or withdrawal of consent for optional analytics processing. You may also have the right to lodge a complaint with your local supervisory authority.

12. International transfers

If data is processed outside your country or the EEA/UK, appropriate safeguards should be used where required by applicable law, such as adequacy decisions, standard contractual clauses or comparable lawful transfer mechanisms.

13. Contact

Set the appropriate GDPR/privacy contact email in the main application privacy settings so this page and the live application footer can point visitors to the right contact address.