Privacy Policy

Last Updated: December 7, 2025

Scope & Controller

This Privacy Policy explains how Groundhog ("Company Legal Name", the "Controller") collects, uses, shares, and safeguards Personal Data when you access or use the Groundhog platform for fleet, rental, and delivery operations. Contact: Contact Email, Registered Address.

Data We Collect

• Account Data: Names, emails, credentials, roles, permissions.
• Operational Data: Vehicle identifiers, rental contracts, delivery events, device metadata.
• Billing Data: Payment method tokens, invoices, tax identifiers.
• Usage & Telemetry: API calls, performance metrics, job runtimes, audit logs.
• Support Data: Tickets, diagnostic dumps (sanitized), communication records.
• Cookies & Similar Tech: Session cookies, preference storage, analytics beacons.

Purposes & Legal Bases

• Provide & maintain Groundhog Services (performance of contract).
• Authenticate users & secure infrastructure (legitimate interests / legal obligation).
• Process billing & account lifecycle (contract & legal obligation).
• Improve platform reliability & features (legitimate interests).
• Send service, security, and product notices (legitimate interests / consent where required).
• Comply with legal processes (legal obligation).

Sharing & Processors

Groundhog uses vetted sub-processors for hosting, analytics, email delivery, payments, and optional integrations. Each sub-processor is contractually bound to appropriate confidentiality and data protection obligations. Groundhog does not sell Personal Data.

Retention

Personal Data is retained for the duration of the account and as necessary to satisfy legal, tax, and audit requirements. Aggregated, anonymized analytics may be retained longer for trend analysis.

Security

Groundhog implements layered controls including encryption in transit, hardened containers, role-based access, secret rotation, logging, and rollback capabilities. No system is entirely immune to risk; residual risk is managed through continuous monitoring.

International Transfers

Where cross-border transfers occur, Groundhog relies on appropriate safeguards such as Standard Contractual Clauses or equivalent frameworks.

Your Rights

Subject to jurisdiction, you may have rights to access, rectify, delete, port, or restrict processing of Personal Data. Requests can be submitted to Contact Email. Verification may be required.

Children

Groundhog is not directed to children under the age of 16 and does not knowingly collect Personal Data from them.

Changes

Material updates will be communicated via email or in-product notice with the revision date adjusted above. Continued use after the effective date signifies acceptance.

Contact

For privacy inquiries: Company Legal Name, Registered Address, Contact Email.