Privacy Policy

Effective August 1st, 2021 In this Privacy Policy, we, Aeris Communications, Inc. (“Aeris”), along with our affiliates and subsidiaries under common ownership and control (the “Aeris group”), let you know the types of information we collect via www.aeris.com and other web and mobile sites that link to this Privacy Policy, and how we use, store or share this information. This Privacy Policy does not apply to information we process as a data processor or service provider on behalf of our corporate customers. For example, we may, on behalf of our corporate customers (such as in connection with AerTrak mobile app), collect information associated with vehicles owned or operated by our corporate customers, including vehicle location and drivers associated with such vehicles. Aeris does not control how our corporate customers use information Aeris processes on their behalf, and you should consult with the applicable corporate customer to understand how they use the information they receive from Aeris. California consumers can view supplemental disclosures required under the California Consumer Privacy Act (CCPA) here. Let us know if you have any questions by writing to privacy@aeris.net. If you are located in the European Economic Area or the United Kingdom, please note that Aeris Communications, Inc., located at 2099 Gateway Place, Suite 600, San Jose, CA 95110, is the data controller of your information. What Information do we collect or process? We collect and process different types of data and information. Here are the types of information we collect:

• Marketing prospects. If you visit our websites, sign up for a webinar or express an interest in our products and services, we would like to know what your needs or interests are, and how to contact you. We may ask for information such as your name, job title, the company you represent, contact information including email address and phone number, your communication preferences, information about your business, and your interests in the Internet of Things.
• From Aeris customers and users. If you sign up for our products or services, we will ask you for information to set up and maintain your account, such as contact information of authorized account representatives. We may also ask you to go to a payment partner’s website to provide payment information. We do not retain any payment card information; please review the privacy notices at payment partner websites to understand how they process your information. When we process payments, we will receive information from our payment partners about the transaction; this could include small amounts of identifiable data. To provide services to you and your devices, we also need to gather other information relevant to the products or services we’re being asked to provide, including information about devices and applications that use our services.
• For support purposes. If you send a support request, either directly with us or through a company from which you purchase products or services, we collect contact information as described above, and information about the issues you are experiencing, such as information about the device, product and/or application you are using, the nature of the problem, and information about the circumstances in which the problem occurred, including location and time. We use this information to troubleshoot the problem and, if applicable, notify you of the status of the incident.
• From Devices. When you interact with us at a website or through a mobile app, we log and store certain types of information (“log data”). We also collect data from customer devices (“device data”) in the course of providing connectivity or other services to our customers.
  • Log Data. We may log your actions when you interact with our website, such as when you consent to collection of data, accept terms of use or other legal agreements, or manage your account or devices. We may also collect your IP address, data about your computer or mobile device, data relating to your search activity, the browser or operating system you use, the domain name of your Internet service provider, the pages you visit, or how long you remain at any website. If you have an account with us or our customer, we will collect your user ID and log the actions you take.
  • Device Data. In order to provide our services to customers and their devices, we collect a great deal of information, including device IDs, time stamps, authentication records, location information, carrier service used, signal strength, the origin, destination, type and quantity of traffic passed and other operational data. “Device” means any modem, radio, telephone, monitor or sensor, or other hardware or virtual device that contains a physical or virtual SIM card supplied or approved by Aeris for use of Aeris Services.
  • Application Data. When Aeris application services are used, we record what was used, the user and/or device using the service, actions taken in our mobile app (including any user content submitted to the mobile app) and log and device data as described above. For example, when anyone uses a mobile application to access AerTrak or connected vehicle services, we will collect the identity of the user (and, if applicable, mobile device), the vehicle being tracked or managed, and the type of action (e.g., view device location, or perform a remote door unlock). Application data also includes telemetry data, such as the performance of our application, diagnostics information, and changes in application settings made by the user and/or device.
  • Contents of Device Traffic. The actual contents of any SMS, data or voice transmissions made by customer Devices to customer-controller servers sent over the cellular network services provided by Aeris are not accessed, viewed or stored by Aeris. Transmissions made over cellular networks are made using standards-based security processes applicable to all cellular operators. Transmissions over other wireless networks are subject to the security processes put in place by the network operator or any encryption protocols arranged by the customer. If we enable emergency services or arrange call center services for a customer, we may be directed to record some calls made.
• Community Forum Data. We may sponsor a community forum or similar site to help customers and Aeris personnel communicate about issues of common interest. If you post to such a site, we may retain the content of posts as well as log data described above. You are encouraged to limit the amount of data you provide in your posts since they are publicly viewable.
• Data Relevant to Employment. If you apply for a position with any Aeris company, we and our third-party service providers will collect information you provide in connection with your application, including contact data and other information such as education and employment history, together with information we create or request as we evaluate your candidacy including, if applicable, reference and background checks. If you join us, we will of course need to process other information relevant to your work with us and issue a separate privacy notice then.

For what purposes do we use your information? We use your information to provide, support, develop and improve the products and services we offer to our customers and users. Here are examples of how we may use your information:

• Provide, troubleshoot, and improve our products and services. We use your information to provide our products and services to our customers and their users. This includes analyzing performance, troubleshooting errors, and improving effectiveness and user experience of our products and services. We also use your information to diagnose problems with devices that are using our services.
• Provide and improve our operations. We use your information to provide and improve our customer support and network operations.
• Purchase our products and services. We use your information to bill for services and process payments.
• Improve user experience. We use your information to understand how users interact with our websites and mobile apps, and how the websites and mobile apps are functioning, and in turn, improve user experience in these interactions. This includes customizing your interaction with our websites according to your customer status and interests.
• Create new products and services. We may use your information to create and new products and services.
• We may periodically send promotional emails about new products, special offers, or other information we think you may find interesting using the email address you have provided, in accordance with applicable legal requirements. You can opt out of receiving these communications by following the unsubscribe instructions in the email. Please note that it may take some time for us to process your request, and you will still receive transactional communications from us that are non-commercial in nature.
• Analytics. We use your information for analytics purposes to maintain and improve our services, and determine if there is information that may be useful to us or our customers or partners. We may also aggregate information in a form that does not permit identification of specific individuals. In some circumstances, we may also de-identify information so that it can no longer identify you personally (“de-identified information). In addition to our internal use, we may share de-identified or aggregated information with third parties who use it for such purposes as industry analysis and demographic profiling. We take reasonable steps to prevent re-identification of any de-identified information, including prohibiting our personnel or service providers from re-identifying such information.
• Communicate with you. We use your information to communicate with you in relation to our products and services via different channels (i.e. by phone, email, chat). We may also contact you for customer service or market research purposes.
• Comply with legal obligations. We collect and use your information to comply with laws.
• Fraud prevention. We use your information to prevent, detect, and investigate fraud, abuse, illegal activities and violations of our terms of use and other policies.

On which legal bases do we process your information? We use your information based on the following legal bases:

• Where use of your information is necessary to perform our obligations under a contract with you (for example, to comply with our terms of service and/or to provide services).
• Where use of your information is necessary for our legitimate interests or the legitimate interests of others (for example, to provide security for our websites, products, software, or applications; operate our business and our services; make and receive payments; comply with legal requirements and defend our legal rights; prevent fraud and to know the customer to whom we are providing services).
• Where we have your consent, in accordance with applicable legal requirements, to use your information for a particular purpose.
• Where we use your information to comply with applicable legal obligations (for example, for tax and auditing purposes).

What is our policy regarding cookies? We use different kinds of “cookies” to collect information about your visits to the Aeris Sites or use of Internet-based services and applications. We use “persistent” cookies, small files stored on your hard drive, to make your future visits to Aeris websites more productive, such as by remembering some of your login information and your preferences. We also use “session-based” cookies that collect other log data as described above to help us analyze data about webpage traffic and to improve the Aeris websites. Session cookies are deleted when you close your browser window. We also use cookies for re-targeting purposes. You can block cookies completely or adjust how your browser handles cookies, although blocking cookies may make your use of some features of Aeris websites or web-based services less efficient. We may also use web beacons, pixels, tags or scripts in order to count visits, evaluate usage and effectiveness of campaigns and the like. We do not currently respond to “do not track signals” or similar mechanisms in web browsers. With whom do we share your information?

• Service providers. We store information with or allow access to your information to affiliated and unaffiliated service providers that support our business, including with website maintenance, database and cloud, customer support, payment processing, or other services. Our contracts with these third-party service providers only allow use of your information to provide these services on our behalf. We review the security policies and practices of our third-party service providers as appropriate as part of our own efforts to maintain the security of your information.
• Affiliates and subsidiaries. We may share the information we collect within the Aeris group.
• Employers and corporate customers. If your employer or our corporate customer provides you access to Aeris products and/or services, we may share information relating to your use of such products and/or services with said employer or corporate customer.
• Law enforcement, court orders, and protection of our rights. We may disclose any of your information to government officials as necessary to comply with applicable laws and orders. If we receive a request to disclose any such information, we may do so if we believe in good faith that such request is lawful and that disclosure is reasonably necessary to comply. We may also disclose your information to respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims.
• Other Disclosures. We may also disclose your information if we believe it is necessary in order to protect our property rights or rights of a third party, to protect the safety of any person or of the public, or to prevent any activity that we believe is harmful, illegal or unethical. For example, we may need to use information in order to enforce our terms of service with customers and our workplace rules, or to engage in other business or corporate transactions. We will put in place appropriate security measures, such as non-disclosure agreements, whenever possible. In addition to our internal use, we may share de-identified or aggregated information with third parties who use it for such purposes as industry analysis and demographic profiling. Also, we may share your information in the context of mergers, acquisitions, divestitures and sales of all or some of our assets, in accordance with applicable law.

How do we protect your information and where do we store it?

• We use industry-standard measures to safeguard data, and have a continuous process in place to test the effectiveness of these measures and to review the threat landscape and new tools available. However, no Internet transmissions and no security measures can be completely secure. You have a role to play in security as well, and we ask that you use prudent measures to protect against unauthorized access to your account information, including logging out of your account when finished, not sharing your login information and taking other customary security precautions appropriate for the situation. The type of organizational or technical measures we use to secure our systems and information may differ depending on the sensitivity of the information and our assessment of how accidental or unauthorized disclosure or use of the information could threaten the rights and freedoms of natural persons.
• The Aeris group companies have entered into formal agreements based on standard clauses that commit us to follow the principles in the first part of this Privacy Policy when one Aeris company transfers certain information to another. When we use a third party to process your information, we require that they make similar promises to us, including agreeing not to process any information except as we have agreed with them.
• We are aware that there are people who may pose as legitimate businesses and try to trick you into disclosing information that can be used to steal your identity. We will not request your account login or password, your credit card information or any sensitive data that could be used to steal your identity, such as national identifying numbers, or gain access to your account in an unsolicited or non-secure email or telephone call. If you believe that someone representing themselves as being associated with Aeris has requested this information in a contact that you did not request or initiate, please contact us immediately at security@aeris.netso that we may verify the identity of the person contacting you and the validity of the request.

Information for International Users

1. YOUR LEGAL RIGHTS

Depending on your location, your local laws may permit you to request that we:

• provide access to and/or a copy of certain information we hold about you;
• prevent the processing of your information for direct-marketing purposes (including any direct marketing processing based on profiling);
• update or rectify information which is out of date or incorrect;
• delete certain information which we are holding about you;
• oppose, cancel, or restrict the way that we process and disclose certain information;
• transfer your information to a third-party provider of services; and/or
• revoke your consent for the processing of your information

We will consider all requests and provide our response within the time period stated by applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. We may request you provide us with information necessary to confirm your identity before responding to your request as required or permitted by applicable law.  To submit a request, please contact us using the Contact Information listed below.

2. DATA TRANSFERS

Please note that in providing services to you, we may subcontract the processing of your information to, or otherwise share your information with, other members within the Aeris group, trusted service providers, and trusted business partners in countries other than your country of residence, including the United States, in accordance with applicable law. Such third parties may be engaged in, among other things, the provision of services to you, the processing of transactions and/or the provision of support services. By providing us with your information, you acknowledge any such transfer, storage or use. If you live in the EEA or the United Kingdom, please note that if we provide any information about you to any non-EEA or UK members of our group or third-party information processors, we will take appropriate measures to ensure such companies protect your information adequately in accordance with this Privacy Policy. These measures include signing Standard Contractual Clauses in accordance with EU and other data protection laws to govern the transfers of such data.

If applicable, you may make a complaint to the data protection supervisory authority in the country where you are based. Alternatively, you may seek a remedy through local courts if you believe your rights have been breached.

Privacy Information for California Users If you are a California resident, California law requires us to provide you with some additional information regarding your rights with respect to your “personal information” (as defined in the California Consumer Privacy Act (“CCPA”)). The personal information we collect, and how we use and share it. The types of personal information we collect from and about you are summarized in the following chart:

Category	Examples
Identifiers	A real name, unique personal identifier, online identifier, postal address, email address, account name, or other similar identifiers.
Personal information categories listed in the California Consumer Records statute (Cal. Civ. Code § 1798.80(e))	A name, signature, telephone number, education, or medical information. Some personal information included in this category may overlap with other categories
Commercial information	Records of products or services purchased, obtained or considered.
Internet or other similar network activity	Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.
Geolocation data	Physical location or movements.
Professional or employment-related information	Current or past job history or performance evaluations.