Advance Track System (Pvt) Ltd (“Advance Track System”, “we”, “us” or “our”) is committed to protecting the personal, vehicle and location data entrusted to us by our enterprise, government and individual customers. This Data Protection Policy describes the technical and organisational safeguards we apply across our GPS tracking platform, mobile applications and supporting infrastructure. It complements our Privacy Policy and Security Policy.
1. Encryption in Transit and at Rest
We protect data at every stage of its lifecycle:
- In transit — connections between devices, mobile apps, the customer portal and our servers are secured using industry-standard encryption (such as TLS/HTTPS) to prevent interception.
- At rest — stored data, including GPS history and account records, is protected on secure cloud infrastructure using encryption and hardened storage configurations.
2. Access Control and Role-Based Permissions
Access to customer data is restricted on a strict need-to-know basis. Our platform uses role-based access control (RBAC) so that each staff member and customer user can only see and act on the data relevant to their role and organisation. Administrative privileges are limited to authorised personnel, and access rights are reviewed and revoked promptly when roles change or staff leave.
3. Audit Logs
We maintain detailed audit logs of significant actions across the platform, including logins, configuration changes, data exports and administrative operations. These logs support accountability, help detect suspicious activity, and provide a reliable record for investigating any incident.
4. Password Security
User passwords are never stored in plain text. They are protected using strong one-way hashing so that original passwords cannot be recovered from our systems. We enforce sensible password practices and encourage customers to use strong, unique passwords and to change them if they suspect compromise.
5. Two-Factor and OTP Verification
To strengthen account security, we support additional verification such as one-time passcodes (OTP) and two-factor authentication for eligible accounts and sensitive actions. This helps ensure that only authorised users can access accounts, even if a password is exposed.
6. Server and Infrastructure Security
Our services run on secure cloud infrastructure protected by firewalls, network segmentation, and continuous security patching. The tracking platform (Traccar) and supporting services are configured following security best practices, and administrative access to servers is tightly controlled and monitored.
7. Backups
We perform regular backups of critical data so that information can be restored in the event of hardware failure, accidental deletion or other disruption. Backups are protected with the same care as production data, including encryption and restricted access.
8. Disaster Recovery
We maintain disaster recovery arrangements designed to restore essential services and data within a reasonable timeframe following a major disruption. Recovery procedures are documented and reviewed so that our team can respond effectively to serious events.
9. Incident Response
We operate an incident response process to detect, contain, investigate and remediate security events. If a data breach affecting your personal information occurs, we will act promptly to limit the impact and will notify affected customers and relevant authorities where required by law, along with guidance on any protective steps.
10. Staff Training and Confidentiality
Our staff are bound by confidentiality obligations and receive guidance on data protection, secure handling of customer information, and recognising security threats such as phishing. Access to customer data by staff is limited to legitimate business purposes and monitored through our audit logs.
11. Customer Responsibilities
Data protection is a shared responsibility. Customers should keep credentials confidential, enable available security features, manage their own users’ access carefully, and report any suspected security issue to us promptly using the contact details below.
12. Review of This Policy
We review this Data Protection Policy periodically and update it to reflect changes in our practices, technology or the law. The current version and its “Last Updated” date are always available on our website.
13. Contact
For questions about how we protect your data, contact:
- Advance Track System (Pvt) Ltd
- Email: support@advancetracksystem.com
- Helpline: 03-111-777-354
- Website: www.advancetracksystem.com
- Business hours: Monday to Saturday, 9:00 AM to 6:00 PM (Pakistan time)
