Privacy Statement

Version 4.2.5 at 1 April 2022
Authorised Representative: Gerard McLennan – CEO

At “LBM Fleet Solutions” (LogbookMe) we are committed to protecting user privacy and complying with the regulatory environment. We understand that users value their privacy and may have concerns about the information collected and also how it is used, stored and distributed.

Our approach to user privacy is to embody open and transparent management of information to ensure users are comfortable and fully understand what information we have, how we use it and how they can protect and manage their information with us.

We have documented in this statement how we manage user information including but not limited to what we collect, how we collect it, how it is stored, when we use it and limitations on who has access to the information and how its output is distributed.

This statement has been written with close reference to the Australian Privacy Act amendments and the Australian Privacy Principles and the relevant Workplace Surveillance legislation. For the purpose of this document ‘information’ or ‘data’ references Personal Information and ‘users’ references Individuals to whom we have information for.

We will continue to review this statement in light of any updates or legislative changes and the most recent version will be published in the user portal at https://manage.logbookme.com (login required) or can be requested directly by contacting us using any of the methods listed at the end of this statement.

We believe that our service is compliant with the relevant legislative provisions.

What Information We Collect

LBM Fleet limits the collection of information to what is essential in order for us to deliver products and services to the user. We have documented what information we collect below.

Please note that there are instances where we may not collect the information based on the scope of the deployment and configuration.

User inputted information

  1. Email address
  2. Password set by user
  3. First Name
  4. Last Name
  5. Mobile
  6. Company/Employer
  7. Time zone
  8. Start odometer reading
  9. End odometer reading
  10. Target business use as a percentage
  11. Vehicle Make
  12. Vehicle Model
  13. Vehicle Registration Plate
  14. Description of trip
  15. Classification of trip
  16. Support requests or other forms of contact via our various customer support channels

It is at the users discretion to the degree of accuracy they wish to provide us in their information input, however where accurate information is not provided, it may limit our ability to provide services.

Calendar Integration

  1. Event name as recorded in calendar by user
  2. Event location as recorded in calendar by user
  3. Event time
  4. Event date

LBM Fleet Device Information

  1. Date of record
  2. Time of record
  3. Latitude of vehicle at time of record
  4. Longitude of vehicle at time of record

LBM Fleet Device Driver Behaviour Information (if activated)

  1. Speed
  2. Hard Acceleration
  3. Hard Braking
  4. Hard Cornering
  5. Sudden Deceleration

LBM Fleet Processed Information

  1. Kilometres for each trip recorded
  2. Approximate location based on nearest street and suburb for each trip start and end location

Third Party Information

  1. Based on requirements

How The Information Is Collected

Information is collected from various sources and also produced within our service delivery platform. By providing information through the users account setup and/or using our service, the user consents to our collection and storage of the information. This consent is obtained from each user via a prompt upon first use.

We have provided detail with reference to the information listed above in respect of how the information is collected.

User inputted information
This information is collected through the user or users employer providing the input via online form during user setup or otherwise received directly.

In some instances (where the service is sponsored by a third party e.g. employer) we may receive some information directly. Where this is the case, within a reasonable time frame, we will input the information into the user account and notify the user of the information and how it can be accessed and corrected. If the user has an issue with the information being used by LBM Fleet a complaint can be raised to address the concerns.

Calendar Integration
This information is collected through the calendar feed feature from the users calendar.

This feature is optional and at the user discretion as to whether they enable the functionality. All data is queried on demand and is not stored unless committed and saved by the user.

LBM Fleet Device Information & Driver Behaviour
This information is collected through the LBM Fleet in-vehicle device.

LBM Fleet Processed Information
This information is collected through the processing of LBM Fleet Device Information in the LBM Fleet Platform.

Third Party Information
This information is provided by a third party to LBM Fleet strictly for the use as defined.

How Information Is Stored

All information is securely managed and stored by Microsoft Azure. Azure provides managed hosting services in a dedicated secure environment and meets a broad set of international and industry-specific compliance standards, such as ISO 27001, HIPAA, FedRAMP, SOC 1 and SOC 2, as well as country-specific standards such as the Australian IRAP.

The Azure data centres are located on the east coast of Australia and are certified with enterprise level encryption (AES-256). Azure also commits to operate within ISO/IEC 27018 which is the code of practice for cloud privacy. LBM Fleet protects data with real-time redundancy.

LBM Fleet is also an ISO certified organisation with ISO27001 and ISO9001 compliance.

Transmission of Information
All transmissions between our servers and users are protected by SSL encryption to secure and maintain the data integrity.

Transmissions between the LBM Fleet Device and our servers are raw data string only and does not have any personally identifiable information. LBM Fleet decodes the data in our secure cloud environment.

Protection of Information
LBM Fleet operates within the ISO 27001 and ISO90001 framework.

The secure management of the LBM Fleet’s ICT infrastructure, systems and information, as defined in the Statement of Applicability version 1, dated 20 July 2019. (ISO 27001:2013)

Provision of fleet and data management services including processing, collation, analytical analysis of data and other associated services for organisations. (ISO 9001:2015)

Why we collect the information and what we use the information for

By submitting and allowing us to collect information for you for the purpose of our service delivery (including core functions and activities) you agree to us storing, processing and collecting your data to comply with our service contract with you or your employer.

We may use data which has been anonymised and aggregated into a form where it is no longer personalised data. This may be used for a wide range of purposes for the benefit of LBM Fleet. These may include enabling us to improve the service delivery and service quality, production of new and improved products/services, statistical analysis of usage patterns, behaviour statistics, benchmarking or relative analysis. No personal data that can identify an individual will be used for this purpose.

Inquiry or Complaint Handling

We are committed to maintaining an open and transparent channel to deal with requests from users related to their privacy.

Users can at any time access personal information about the individual that is held by us and also seek correction of such information.

LBM Fleet has a support channel that can handle any request relating to this policy, simply contact support@lbmfleet.com and our team will undertake to respond to all requests within 24 hours.

If a user does not receive a response within the state timeframe, escalations should be directed to the CEO on telephone 1800 564 2665 identifying the call as an ‘escalated privacy related request’. These requests will be escalated to senior management and responded to upon receipt.

Upon receipt of an inquiry or complaint our team will investigate the issue and respond with a solution or if more time is required, an outline of the steps we will be taking to address the query and an estimated time frame when we expect to have a response to the user.

Please note that where the request involves information access and/or correction, we will require a formal identification process of the requestor to be completed before any requests will be processed.

Information Updates and User Access to Information

User information is available and can be accessed via our web platform and mobile applications. A user may also receive alerts via email, push notification or sms. Alerts disclose limited information, instead of requiring the user to login to action the alert.

Information can be accessed and updated by the user or the user may contact LBM Fleet direct and submit a request for update. All update fields are protected by a secure login and any updates will be implemented in real-time.

How information is disclosed and to who

Distribution Of Information

We will not distribute any information without explicit written consent. Our information distribution model relies on the user facilitating any information distribution except in limited circumstances noted below.

The user has access to information that is suitable for distribution (such as the logbook report) and it is the users responsibility to download/export any information (in the form of reports) and distribute (to relevant parties) it as necessary.

Employer Sponsored Service

Where an employer has sponsored LBM Fleet and is using the solution for enterprise purposes we will provide authorised persons with access to the secure LBM Fleet reporting portal.

Data access and privacy levels will be set based on the access level of the authorised individual. Where information is requested that is outside of the usual access levels, LBM Fleet requires written authorisation from an authorised representative.

Access levels will be communicated directly to users via initial communications and/or presentations and/or user training.

If you are an employee/driver and have any queries or would like to request additional information about the reporting available to your employer, we’re here to help, just contact us at support@logbookme.com

Third Party Access

In remote circumstances, we may have arrangements with employers or third parties to provide and distribute information on behalf on users. We will only provide this service where there is written consent from the authorised person. This consent will be kept and referenced by selected staff who have access.

Internal LBM Fleet Access

We have strict internal controls on who is able to access user information. We generally allow access when required to perform tasks then restrict the access once completed.

Our Chief Technology Officer (CTO), has responsibility for user access and information security. We have restricted access across our team and regular internal audit procedures to uphold our internal information security function.

Third Party Disclosure

We may disclose information to the extent that it is required by law, order of any court, tribunal, authority or regulatory body, enforcement authority, rules of any stock exchange or any professional obligations or requirements. If this happens, if practical and to the extent permitted by law, we will notify the user directly of the requirement to disclose and only disclose the minimum information.

Permitted Extraordinary Disclosures

We may also disclose if a permitted general situation exists in relation to a portion or all of the information or in an instance where a health situation exists requiring the information to be disclosed.

Any extraordinary disclosure requires approval by two directors of Logbook Me Pty Limited

How long information is stored

For your convenience, we store user data for a minimum period of 5 years in Australia and 7 years for New Zealand users.

If users wish for their information to be removed and destroyed, please lodge a request via our inquiry and complaint handling noted above.

Our position on overseas disclosure of information

LBM Fleet is operated within Australia and does not store data outside of Australia.

Need clarification or have any questions?

We encourage users to contact us on support@lbmfleet.com with any further queries. Our team would be more than happy to help.

Contact

Logbook Me Pty Limited [ACN 165232520]

Email: support@lbmfleet.com | Web: www.lbmfleet.com