TZTruckZen
PrivacyTermsCookiesSecurity

TruckZen legal

Privacy Policy

How TruckZen collects, uses, shares, protects, and retains information for shop operations, OCR/imports, customer portal sharing, policy acceptance, audits, backups, and security monitoring.

Last updated: June 2026Applies to TruckZen ServiceOperational policy

Contents

01Who we are and what this covers02Information we collect03How we use information04How we share information05Cookies, sessions, and local storage06Retention, trash, backups, and policy records07Security and unauthorized-access monitoring08Your rights and choices09Changes and contact
01

Scope

Who we are and what this covers

TruckZen operates the TruckZen platform at truckzen.pro and related mobile-friendly web views. This Privacy Policy explains how we collect, use, share, protect, and retain information when you use the Service.

The Service is built for commercial truck repair facilities, fleet maintenance operations, and automotive service businesses. It supports work orders, estimates, invoices, parts, purchase orders, vendor bills, asset records, compliance-data organization, employee time tracking, customer records, uploaded documents, customer portals, Smart Drop, OCR-assisted imports, barcode and scanner workflows, audits, backups, and reporting.

02

Data categories

Information we collect

Account and contact information. We collect name, email address, phone number, shop or organization name, role, permissions, invite status, authentication metadata, multi-factor authentication settings where enabled, and policy acceptance or decline records.

Shop, customer, vendor, vehicle, driver, mechanic, and company data. We collect business profile information, customer and vendor records, contacts, vehicle and asset records, VINs, mileage, license plates, driver records, mechanic records, employee records, fleet records, service history, and similar operational information entered into the Service.

Work order, estimate, invoice, purchase order, vendor bill, and parts data. We collect the operational records your team creates, imports, edits, sends, approves, declines, matches, receives, adjusts, restores, or deletes, including line items, quantities, notes, manually recorded payments, customer approval events, and customer-portal activity.

Uploaded content and Smart Drop files. We store files, photos, videos, work order attachments, customer documents, employee documents, driver credentials, vehicle photos, vendor bills, purchase orders, invoices, Smart Drop uploads, OCR inputs, and metadata such as filename, type, size, uploader, storage path, and upload time.

Imports, OCR, AI, and scanner metadata. We may store source-system attribution, parsed fields, raw OCR text, confidence signals, classification results, matching context, parser versions, OCR policy versions, barcode values, and human review state for imported, extracted, scanned, or suggested records.

Workplace timekeeping, location, and device data. If enabled by your shop, we collect clock-in and clock-out events, job timers, break timers, GPS coordinates supplied by the device, geofence status, override reasons, approved-network context, terminal-device-trust identifiers, and related audit history.

Usage, audit, security, and platform logs. We collect page and feature usage, timestamps, browser and device information, IP address, user agent, request identifier, login attempts, blocked-IP events, policy acceptance records, platform admin actions, impersonation or support-access audit events, and before/after snapshots for sensitive record changes where supported.

03

Processing purposes

How we use information

We use information to:

  • authenticate users, route them by role, maintain sessions, and protect accounts;
  • operate work orders, estimates, invoices, purchase orders, vendor bills, parts, assets, customer records, customer portals, uploads, Smart Drop, OCR/imports, barcode and scanner workflows, reporting, and backups;
  • deliver transactional emails such as invites, resets, estimates, invoices, approvals, work order updates, kiosk notices, and operational notifications;
  • run workplace features your shop enables, including timekeeping, geofence checks, terminal-device trust, and job attribution;
  • detect suspicious activity, investigate errors, preserve audit history, respond to security incidents, and enforce our Terms;
  • restore service after failures, test backup and restore readiness, and monitor backup status; and
  • improve reliability, performance, and product quality using aggregated or de-identified operational insight.

Imports, Smart Drop, AI, OCR, barcode, and scanner outputs are productivity aids only. They require human verification before use in operations, accounting, payroll, repair, regulatory, billing, compliance, or inventory decisions.

04

Sub-processors

How we share information

We do not sell personal information. We share information only where needed to operate, secure, support, or legally administer the Service.

  • Amazon Web Services (AWS). Application hosting, database/runtime infrastructure, authentication support, object storage, OCR services, operational logs, backups, restore workflows, alerting, and related infrastructure.
  • Amazon SES. Transactional email delivery for invites, resets, estimates, invoices, operational notices, and similar messages.
  • Inside your organization. Authorized users can access records based on their assigned roles and permissions.
  • Customer portal recipients. Customers can view or respond to the specific estimates, invoices, work orders, kiosk check-ins, documents, or links your team chooses to share.
  • Legal and business needs. We may disclose information where required by law, legal process, security investigation, fraud prevention, rights protection, or a business transaction such as merger, acquisition, financing, or asset sale.
05

Browser storage

Cookies, sessions, and local storage

TruckZen uses essential cookies, session storage, and local storage to authenticate users, maintain sessions, preserve shop and role context, protect against abuse, remember interface preferences, store cookie preferences, and support terminal-device trust for enrolled workplace clock-in terminals.

Essential authentication and security storage cannot be disabled while using the Service. Disabling browser cookies, session storage, or local storage may prevent sign-in, role routing, customer portal access, or workplace terminal features from working correctly.

TruckZen does not use third-party advertising trackers. Optional diagnostics choices are handled through the Cookie Preferences Center where available.

06

Lifecycle

Retention, trash, backups, and policy records

We retain account information and service data while your account is active and as needed for operations, support, accounting, tax, audit, security, legal, backup, restore, and dispute-resolution purposes.

  • Trash and soft-delete. Supported records placed in trash are eligible for purge after the configured retention window. Some records are retained longer for audit or legal reasons.
  • Audit, activity, and security logs. Audit logs, activity logs, platform admin logs, login attempts, blocked-IP records, and unauthorized-access records may be retained longer for accountability and investigation.
  • Policy acceptance records. Required policy acceptance, decline, and review records are retained to show what policy version applied to a user and when the user responded.
  • Backups and restore records. Encrypted backups, backup notification metadata, restore rehearsal metadata, table counts, byte sizes, timestamps, and success or failure indicators may be retained beyond the lifecycle of original rows.
  • Uploaded content. Storage objects may not be removed immediately when a database row is deleted. Orphaned object cleanup may run on a separate schedule.

If you request deletion, we will use commercially reasonable efforts to delete or anonymize personal information within a reasonable period, except where retention is required for legal, accounting, audit, security, backup, operational, or legitimate business purposes.

07

Protection

Security and unauthorized-access monitoring

We use security measures intended to protect information, including TLS in transit, encrypted storage and backups where supported by infrastructure, role-based access controls, shop and tenant scoping, session management, password requirements, authentication rate limiting, audit logs, and AWS production operational monitoring.

The Service logs and preserves information about attempts by authenticated users to reach owner-only backend, developer, administrative, platform, or API-key surfaces they are not authorized to use, including probing, scraping, credential or API-key discovery, attempts to bypass role checks, reverse engineering, data exfiltration, and vulnerability scanning.

Security records may include user identifier, role, email, IP address, user agent, request identifier, route path, and event time. They are designed not to include request bodies, passwords, API keys, tokens, cookies, authorization headers, environment variables, full URLs, or query strings.

We may use these records to investigate abuse, disable access, notify affected organizations, preserve evidence, refer matters to law enforcement, and pursue legal remedies where permitted by law.

08

Control

Your rights and choices

Depending on your jurisdiction, you may have rights to access, correct, delete, export, object to, or restrict certain processing of your personal information. To make a request, contact support@truckzen.pro.

Some records may be controlled by your employer, shop, fleet, or organization rather than by TruckZen directly. If you use TruckZen through an organization, we may direct certain requests to that organization or process the request with that organization's involvement.

09

Updates

Changes and contact

We may update this Privacy Policy as the Service, vendors, infrastructure, features, and legal requirements change. When we do, we will update the "Last updated" date and, where appropriate, provide additional notice through the Service or by email.

Questions about this Privacy Policy or TruckZen data practices may be sent to support@truckzen.pro. See the Terms of Service for service-use rules.