Legal Document

Data Retention Policy

Last Updated: 7/16/2026Version 1

This Data Retention Policy explains how long Advance Track System (Pvt) Ltd ("we", "us", "the Company") keeps the different categories of data we process, and how we securely delete data when it is no longer needed. It applies to our GPS tracking platform (which runs on the Traccar engine), customer portal, and mobile applications. This policy should be read together with our Privacy Policy, Data Protection Policy, and Account Deletion Policy.

1. Our Retention Principles

We keep personal and operational data only for as long as necessary to provide our services, meet legal and tax obligations, resolve disputes, prevent fraud, and enforce our agreements. When a retention period ends, we delete the data or irreversibly anonymise it so that it can no longer identify an individual. Retention periods reflect operational needs and the requirements of the laws of Pakistan, and may be extended where a legal hold, investigation, or valid legal process applies.

2. Retention Periods by Data Type

The table below summarises our standard retention approach. Exact periods may vary based on your subscription, contractual terms, and legal requirements. Where a longer legal or tax obligation applies, that longer period prevails.

Data CategoryExamplesTypical Retention
Customer account dataName, contact details, login profile, vehicle and driver recordsFor the life of the account, then deleted after account closure (subject to the grace period)
GPS location historyPositions, live tracking data, location breadcrumbsTypically 12 months on the active platform, unless a longer retention is contracted
Trips and travel dataTrip summaries, mileage, stops, playback dataTypically 12 months, aligned with location history
Reports and analyticsGenerated reports, dashboards, driver and fuel analyticsRetained while the account is active; regenerated from source data as available
Invoices and financial recordsInvoices, receipts, payment and tax recordsRetained for the period required by tax and company law (commonly several years)
Audit logsSecurity, access, and administrative activity logsTypically 12 to 24 months for security and compliance
Support recordsSupport tickets, complaints, correspondenceTypically 24 months after resolution
Deleted account dataData associated with a closed accountDeleted after the grace period; residual copies purged from backups within about 90 days
BackupsEncrypted disaster-recovery backupsRolling retention, typically up to 90 days, then overwritten

3. Customer Account Data

We retain your account profile, vehicle records, driver records, geofences, and settings for as long as your account remains active, because this data is required to deliver the service. When your account is closed or deleted, this data is removed subject to the grace period described in our Account Deletion Policy and to any records we are legally required to keep.

4. GPS Location History, Trips, and Reports

Location positions, trip data, and playback history are among the largest and most sensitive data we hold. We typically retain this data on the active platform for around 12 months so you can review history and generate reports, unless your contract specifies a different retention period. Reports and analytics are derived from this underlying data; once source data is deleted, historical reports covering those periods may no longer be reproducible.

5. Invoices and Financial Records

Because payments are recorded via invoices and receipts (there is no online checkout), we retain financial and tax records for the periods required under the laws of Pakistan. These records are kept even after an account is closed, are stored securely with restricted access, and are deleted only after the applicable legal retention period expires.

6. Audit Logs and Support Records

We retain audit logs of security-relevant and administrative activity to detect and investigate misuse, support incident response, and demonstrate compliance. Support records — including complaints, tickets, and related correspondence — are retained to manage service quality, handle recurring issues, and resolve disputes. These records are kept for the periods indicated in the table and then securely deleted.

7. Deleted Account Data and Backups

When an account is deleted, we remove the associated data from our active systems after the grace period. Residual copies may persist in encrypted backups, which are retained on a rolling basis (typically up to 90 days) for disaster recovery and then overwritten or purged. Backup data is not used for normal operations. After the backup cycle completes, deleted data is no longer recoverable, except for records we are legally required to retain.

8. Secure Deletion

When data reaches the end of its retention period, we delete or anonymise it using reasonable technical measures so that it cannot be reconstructed or attributed to an individual. Physical media and devices are handled securely. Where data is shared with third-party providers (for example map, email, SMS/WhatsApp, or AI providers), retention by those providers is governed by their own policies.

9. Legal Holds and Exceptions

We may retain data beyond the standard periods where required to comply with a legal obligation, respond to a lawful request, protect our rights, or preserve evidence relevant to an active dispute or investigation. Once the hold is lifted, the affected data returns to its normal retention schedule.

10. Changes to this Policy

We may update this Data Retention Policy from time to time. The current version is always published on our website, and continued use of the service constitutes acceptance of the updated policy. This policy is governed by the laws of Pakistan.

11. Contact

For questions about data retention or to make a data request, contact us: