VehiX360 Privacy Page

This Privacy Policy explains how CRESO Holdings LLC, a Texas limited liability company, doing business as VehiX, VehiX360, and VehiX360.com (collectively referred to as "VehiX360," "Company," "we," "us," or "our"), collects, uses, discloses, and protects information when you access or use our websites, applications, and services (collectively, the "Services").

VehiX360 provides fleet vehicle check-out/check-in workflows, photo-based inspections, incident reporting, audit history, and related fleet accountability tools to business customers in both the private and public sectors. VehiX360 does not provide consumer vehicle GPS tracking unless explicitly enabled via a separate integration or feature described in your account.

If you have questions about this policy, contact us at:
Email: privacy@vehix360.com

1) Who This Policy Applies To

This policy applies to:

• Visitors to our websites (marketing site and documentation)
• Users of our web and mobile applications
• Customer organizations ("Customers") that subscribe to VehiX360

B2B / Customer Data Note

VehiX360 is typically used by a Customer (a business, agency, or organization) to manage its fleet. When a Customer's administrators invite you (e.g., as a driver or fleet manager), your use of VehiX360 is subject to the Customer's policies as well.

2) Definitions

• Account Owner / Customer Admin: A user authorized by the Customer to manage settings and users.
• End User: A driver, employee, contractor, or other authorized user of the Customer.
• Customer Data: Data submitted to VehiX360 by or on behalf of a Customer in connection with the Services (e.g., vehicle records, checkouts, photos, incident reports).

3) Information We Collect

A. Information You Provide to Us

Account and profile data

• Name, email address, phone number (optional)
• Role/permissions (e.g., driver, manager)
• Login credentials (stored in hashed form if applicable)

Operational fleet data (Customer Data)

• Vehicle details (e.g., internal vehicle ID, VIN, license plate, make/model, status)
• Check-out/check-in records (who, when, odometer, fuel level, notes)
• Inspection responses/checklists (if enabled by the Customer)
• Incident reports (damage notes, severity, status, resolution notes)
• Attachments/photos uploaded during inspections or incidents

Support and communications

• Messages you send to support
• Feedback, bug reports, feature requests

B. Information We Collect Automatically

Usage and device data

• App interactions and feature usage
• Device type, OS version, browser type, app version
• IP address, approximate location derived from IP (not precise GPS)
• Log files, diagnostic data, crash reports (if enabled)

Audit and security logs

• Logins, permissions changes, administrative actions
• Important activity events (e.g., user creation, vehicle edits, incident updates)

C. Camera & Photos

If you use features that require camera access (e.g., QR scanning or photo inspections), the app may request permission to access your camera.

• We collect photos and related metadata you submit (such as timestamps).
• We do not access your camera without your action/permission.

D. Cookies and Similar Technologies (Websites)

Our websites may use cookies and similar technologies for:

• Essential site functionality
• Analytics and performance
• Security and fraud prevention

You can control cookies through your browser settings.

4) How We Use Information

We use information to:

• Provide and operate the Services (vehicle workflows, inspections, incident tracking)
• Authenticate users and enforce role-based access controls
• Maintain audit trails and system integrity
• Process subscriptions and manage billing (typically via a payment processor)
• Improve and develop features, including usability and performance
• Monitor for security incidents, prevent abuse, and enforce policies
• Provide customer support and respond to requests
• Comply with legal obligations and protect rights and safety

5) Legal Bases for Processing (If Applicable)

If you are located in a jurisdiction that requires a legal basis (e.g., EEA/UK), we process personal data under one or more of the following:

• Contract: To provide the Services you or your organization requested
• Legitimate interests: Security, fraud prevention, product improvement, customer support
• Consent: Where required (e.g., optional cookies/analytics, certain marketing)
• Legal obligation: Compliance with applicable laws and requests

6) How We Share Information

We do not sell your personal information. We may share information as follows:

A. With Your Organization (Customer)

If you are an End User, your Customer's administrators may access Customer Data associated with your use, including checkouts, incident reports, notes, and uploaded photos, subject to the Customer's settings and permissions.

B. Service Providers (Processors)

We may share data with third-party service providers that help us operate the Services, such as:

• Hosting and cloud infrastructure providers
• Analytics and error monitoring providers (optional)
• Customer support tools
• Email/SMS providers for service notifications
• Payment processors for subscription billing (e.g., Stripe)

These providers are authorized to process data only as needed to provide services to us and are required to protect it.

C. Legal, Safety, and Compliance

We may disclose information if we believe it is necessary to:

• Comply with law, regulation, legal process, or governmental request
• Protect the security of the Services
• Investigate fraud, abuse, or violations
• Protect rights, property, or safety of VehiX360, Customers, users, or the public

D. Business Transfers

If we undergo a merger, acquisition, financing, or sale of assets, information may be transferred as part of that transaction. We will provide notice where required.

7) Data Retention

We retain information for as long as necessary to:

• Provide the Services
• Meet Customer contractual requirements
• Comply with legal obligations
• Resolve disputes and enforce agreements

Customer Data retention is generally controlled by the Customer's subscription and settings. Upon termination, we may retain Customer Data for a limited period for account recovery or legal compliance, then delete or de-identify it according to our retention policies and agreements.

8) Security

We use administrative, technical, and organizational measures designed to protect information, such as:

• Access controls and least-privilege permissions
• Encryption in transit (TLS) and, where applicable, encryption at rest
• Monitoring, logging, and audit trails
• Secure development practices

No system is 100% secure, and we cannot guarantee absolute security. If you believe your account has been compromised, contact us immediately at support@vehix360.com.

9) Your Choices and Controls

Account Information

You may update certain profile details through the app or via your organization's admin.

Camera Permissions

You can enable/disable camera access through your device settings. Some features (QR scanning, photo inspections) may not function without it.

Cookies (Web)

You can control cookies in your browser settings.

Email Preferences

You may opt out of non-transactional marketing emails by using the unsubscribe link. Service emails (billing, security, account notices) may still be sent.

10) Individual Rights (Access, Deletion, Etc.)

Depending on where you live, you may have rights such as:

• Access to personal data
• Correction of inaccurate data
• Deletion of personal data
• Objection or restriction of processing
• Data portability

End Users (B2B)

If you use VehiX360 through an organization, requests may need to be directed through your Customer admin, because your data is usually controlled by your organization.

To submit a request, email privacy@vehix360.com with:

• Your name
• Your organization (tenant)
• The request type (access, delete, correct, etc.)

We will respond as required by applicable law.

11) International Transfers

If you access the Services from outside the country where our servers are located, your information may be transferred and processed internationally. Where required, we use appropriate safeguards (e.g., standard contractual clauses).

12) Children's Privacy

The Services are not intended for children under 13 (or the age required by local law). We do not knowingly collect personal information from children. If you believe a child has provided information, contact us to request deletion.

13) Third-Party Links and Integrations

The Services may include links to third-party sites or integrate with third-party services. Their privacy practices are governed by their policies, not ours. Review third-party policies before providing information.

14) Changes to This Privacy Policy

We may update this policy from time to time. If changes are material, we will provide notice (e.g., in-app notice or email). The "Effective Date" above indicates when this policy took effect.

15) Contact Us