Open Menu

Privacy Policy

Last Updated: 11 Jun 2026

1. Introduction

1.1 TRACKRTEK LIMITED (NZBN 9429053598820), trading as TrackrTek (“TrackrTek“, “we“, “us“, “our“), is committed to protecting the privacy of individuals whose personal information we handle.

1.2 This Privacy Policy explains how we collect, use, store, disclose, and protect personal information in connection with the TrackrTek GPS tracking platform, hardware, SIM cards, and related services (the “Service“).

1.3 We comply with the Privacy Act 2020 (NZ) and the Information Privacy Principles (IPPs) set out in that Act.

1.4 This Privacy Policy applies alongside our Terms and Conditions. Capitalised terms used but not defined here have the meanings given in the Terms and Conditions.

2. Scope — who this policy applies to

This Privacy Policy applies to:

  • Account holders — individuals and authorised representatives of businesses that hold a TrackrTek account.
  • Website visitors — anyone who visits trackrtek.co.nz or related sites.
  • Tracked individuals — to a limited extent (see section 11 below), individuals whose location is tracked by a TrackrTek customer using our Devices.
  • Enquirers and prospective customers — anyone who contacts us, signs up for marketing, or otherwise provides us with information.

3. The information we collect

3.1 Account and customer information

When you register, purchase, or use the Service, we collect:

  • name and contact details (email address, phone number, postal address);
  • business name, role, and NZBN (where applicable);
  • account credentials (username, hashed password, two-factor authentication details);
  • billing and payment information (handled by our payment processor — see section 7);
  • communications with us (support tickets, emails, chat transcripts); and
  • preferences and settings within the Platform.

3.2 Device and tracking data

When you use Devices and the Service, we collect:

  • Device identifiers (IMEI, serial number, firmware version);
  • SIM Card identifiers (ICCID, cellular network identifiers);
  • location data (GPS coordinates, speed, heading, altitude, timestamps);
  • telemetry data (signal strength, battery level, sensor readings, motion events);
  • connection metadata (cell tower information, connection timestamps, data volumes); and
  • any custom labels, notes, or metadata you associate with Devices.

3.3 Website and platform usage data

When you visit our website or use the Platform, we automatically collect:

  • IP address and approximate location;
  • browser type and version, operating system, device type;
  • pages viewed, links clicked, session duration;
  • referring URLs and search terms;
  • cookies and similar technologies (see section 12); and
  • crash reports and performance diagnostics.

3.4 Marketing and communications information

If you subscribe to communications or interact with us on social media, we may collect:

  • email subscription status;
  • engagement data (opens, clicks);
  • responses to surveys; and
  • public information from social media interactions.

4. How we collect information

4.1 Directly from you — when you register an account, purchase hardware, configure Devices, contact support, respond to surveys, or otherwise interact with us.

4.2 Automatically — through your use of the Service, the Platform, and our website (including via Devices, browsers, and apps).

4.3 From third parties — including payment processors, fraud prevention services, business directories, and (with your consent) social media platforms.

4.4 From other users — for example, when an account administrator adds you as a sub-user.

Where we collect information about you from someone other than you, we will take reasonable steps to ensure that you are aware of the collection unless an exception under IPP 3 applies.

5. Why we use information

We use personal information for the following purposes:

5.1 To provide the Service

  • create and manage accounts;
  • activate and manage SIM Cards and Devices;
  • deliver tracking, telemetry, and Platform functionality;
  • process payments and manage subscriptions;
  • provide customer support.

5.2 To operate and improve our business

  • maintain, secure, and improve the Platform and Devices;
  • diagnose and fix bugs, prevent abuse, and monitor for fraud;
  • analyse usage trends in aggregated, de-identified form;
  • develop new features and services.

5.3 To communicate with you

  • respond to enquiries and provide support;
  • send service announcements, security alerts, and billing notices;
  • send marketing communications where you have consented or where permitted by law (see section 13).

5.4 To comply with legal obligations

  • meet our obligations under New Zealand law and the requirements of competent authorities;
  • enforce our Terms and Conditions;
  • protect our rights, property, and the safety of others;
  • respond to lawful requests from regulators, law enforcement, or courts.

6. Tracking data — our role and yours

6.1 Your role. When you use TrackrTek to track individuals, you are the agency that determines the purposes and means of collecting their personal information under the Privacy Act 2020. You are responsible for:

  1. having a lawful basis for the tracking;
  2. notifying tracked individuals as required under IPP 3 (purpose, recipients, rights);
  3. obtaining any consents required by law (e.g., under employment, surveillance, or other legislation);
  4. responding to requests from tracked individuals for access to or correction of their information;
  5. ensuring tracking is fair, lawful, and not unreasonably intrusive (IPP 4); and
  6. complying with any other applicable laws (including overseas privacy laws if tracked individuals are based outside NZ).

6.2 Our role. We process tracking data on your behalf as part of providing the Service. We:

  1. act in accordance with your reasonable instructions as expressed through your use of the Platform;
  2. implement reasonable security measures (section 9);
  3. do not use tracking data for our own purposes, except to provide and improve the Service, comply with law, or in aggregated/de-identified form (section 5.2);
  4. will assist you (within reason) in responding to requests from tracked individuals.

6.3 Tracked individuals’ requests to us. If a tracked individual contacts us directly about their information, we will generally refer them to the relevant account holder (i.e., you), as you are best placed to respond. We may, however, take action where required by law.

7. Who we share information with

We share personal information only as described below.

7.1 Service providers and partners

We share information with trusted third parties who help us provide the Service, including:

  • Cellular connectivity provider — TM S.r.l. (Italy), which provides the SIM Card connectivity. SIM Card and connection metadata is processed on their infrastructure.
  • Cloud hosting and infrastructure — DigitalOcean for server hosting, storage, and computing.
  • Payment processing — Stripe for payment card and billing data. We do not store full card numbers ourselves.
  • Email and communications providers — Mailgun for transactional and marketing email delivery.
  • Analytics and monitoring — Google Analytics for understanding website and platform performance.
  • Support tools — Google Workspace for managing customer support enquiries.

Each provider is bound by confidentiality and data protection obligations and is only permitted to use the information for the purposes for which we share it.

7.2 Within your organisation

If you are an account user belonging to a business customer, we may share your information with other authorised users in your organisation (such as administrators).

7.3 Legal and compliance

We may disclose information where:

  • required by law, court order, or competent authority;
  • necessary to investigate, prevent, or respond to fraud, security incidents, or violations of our Terms and Conditions;
  • necessary to protect the rights, property, or safety of TrackrTek, our customers, or others; or
  • in connection with a corporate transaction (e.g., merger, acquisition, sale of assets), in which case we will require recipients to protect the information.

7.4 With your consent

We may share information for other purposes with your express consent.

7.5 No sale of personal information

We do not sell personal information to third parties.

8. Sending information overseas

8.1 In providing the Service, personal information may be transferred to, stored in, or processed in countries outside New Zealand, including:

RecipientCountryPurpose
TM S.r.l.Italy (European Union)Cellular connectivity
DigitalOceanUnited StatesHosting and infrastructure
StripeUnited StatesPayment processing
MailgunUnited StatesEmail and communications
Google AnalyticsUnited StatesAnalytics, monitoring and email

8.2 Before disclosing personal information overseas, we take reasonable steps to ensure that the recipient is subject to privacy protections comparable to those under the Privacy Act 2020, as required by IPP 12. This may include relying on contractual protections, the recipient being subject to comparable laws (such as the EU GDPR), or, where required, obtaining your authorisation.

9. How we protect information

9.1 We use reasonable technical, organisational, and physical security measures to protect personal information against loss, unauthorised access, use, modification, disclosure, and other misuse. These measures include:

  1. encryption of data in transit (TLS) and at rest where appropriate;
  2. access controls, role-based permissions, and multi-factor authentication for staff and administrators;
  3. network-level controls including IP allow-listing and (where applicable) private APNs for SIM connectivity;
  4. regular security reviews, vulnerability scanning, and software updates;
  5. staff training on privacy and security;
  6. backup and disaster recovery procedures.

9.2 No system is completely secure. While we work hard to protect personal information, we cannot guarantee absolute security, and you should also take steps to protect your account (such as using strong, unique passwords and enabling two-factor authentication).

9.3 If a privacy breach occurs that is likely to cause serious harm, we will notify affected individuals and the Office of the Privacy Commissioner as required by the Privacy Act 2020.

10. How long we keep information

10.1 We keep personal information only for as long as it is needed for the purposes described in this Privacy Policy, or as required by law.

10.2 General retention periods:

  • Account information — for the duration of your account, plus 7 years after closure (to meet tax, contractual, and legal record-keeping obligations).
  • Tracking data — At least 12 months from generation, then deleted or anonymised.
  • Billing records — at least 7 years (to comply with the Tax Administration Act 1994).
  • Support communications — 3 years from the last contact.
  • Marketing data — until you unsubscribe, plus a short suppression record to honour your preference.
  • Website analytics — 3 years.

10.3 When information is no longer needed, we delete or de-identify it in a secure manner.

11. Your rights

You have the following rights in relation to your personal information held by us.

11.1 Access (IPP 6). You may request a copy of the personal information we hold about you.

11.2 Correction (IPP 7). You may request that we correct personal information about you that is inaccurate, incomplete, out of date, or misleading.

11.3 Withdraw consent. Where we rely on your consent (such as for marketing), you may withdraw that consent at any time.

11.4 Unsubscribe. You may unsubscribe from marketing emails using the link in any such email, or by contacting us.

11.5 Make a complaint. You may complain to us using the contact details in section 16. You may also complain to the Office of the Privacy Commissioner (see section 15).

11.6 How to make a request. Contact us at [email protected]. We may need to verify your identity before responding. We will respond within 20 working days, as required by the Privacy Act 2020. There is generally no charge, but we may charge a reasonable cost-recovery fee for complex requests.

11.7 Limitations. We may decline a request where the Privacy Act allows (for example, if the information relates to another individual, would breach legal privilege, or is subject to a statutory exception).

11.8 Tracked individuals. If you are an individual whose location is being tracked using TrackrTek by an account holder, please first contact that account holder. See section 6 for details.

12. Cookies and similar technologies

12.1 We use cookies and similar technologies on our website and Platform to:

  1. enable essential site and Platform functions (e.g., authentication, security);
  2. remember your preferences;
  3. understand how the site and Platform are used;
  4. measure marketing effectiveness.

12.2 Types of cookies we use:

  • Strictly necessary — required for the site/Platform to function. Cannot be disabled.
  • Functional — remember preferences and settings.
  • Analytics — help us understand site usage.
  • Marketing — used to measure ad performance and may be set by third parties.

12.3 You can control cookies through your browser settings. Disabling some cookies may affect site functionality.

13. Marketing

13.1 We may send you marketing communications about TrackrTek products and services where you have consented or where permitted by the Unsolicited Electronic Messages Act 2007.

13.2 Every marketing email includes an unsubscribe link. You can also opt out by contacting us at [email protected].

13.3 We do not share your contact details with third parties for their own marketing purposes.

14. Children

14.1 The Service is not directed at children under 16, and we do not knowingly collect personal information from children under 16 without parental or guardian consent.

14.2 If you believe we have collected information from a child without appropriate consent, please contact us so we can address the issue.

15. Privacy Commissioner

If you have a concern about how we have handled your personal information and you are not satisfied with our response, you may complain to the Office of the Privacy Commissioner:

Office of the Privacy Commissioner
PO Box 10094, Wellington 6143
Phone: 0800 803 909
Web: https://www.privacy.org.nz

16. Contact us

For any privacy-related questions, requests, or concerns:

Privacy Officer
TRACKRTEK LIMITED (trading as TrackrTek)
Email: [email protected]
Web: https://trackrtek.co.nz

17. Changes to this Privacy Policy

17.1 We may update this Privacy Policy from time to time. The current version is always available at https://trackrtek.co.nz/privacy-policy/.

17.2 If we make material changes, we will notify you by email or through the Platform at least 30 days before the changes take effect. Your continued use of the Service after that date constitutes acceptance of the updated Policy.

17.3 The “Last Updated” date at the top of this Policy indicates when it was most recently revised.