Privacy Policy

Last Updated: October 24, 2023

Navigster is committed to maintaining the highest standards of data security and privacy for institutional transport governance. This policy outlines how we handle data within our platform to ensure transparency, compliance, and safety for all stakeholders, including government bodies, educational institutions, and individual users.

1.

Scope

This Privacy Policy applies to the Navigster platform, including all related websites, mobile applications, and services operated by Navigster Inc. It governs data collected from institutional administrators, operational staff, and student users.

2.

Information Collection

We collect various types of information to provide and improve our governance services:

Institutional Data

  • Office institution name and department details.
  • Administrative contact information (name, email, professional phone number).
  • Regulatory compliance documentation and licensing info.

User Account Data

  • Authentication credentials (managed through institutional SSO or secure login).
  • Profile information (name, role, institutional ID).

Operational Trip Data

  • Route schedules and vehicle assignments.
  • Fleet telemetry data for governance oversight.
  • Incident reports and safety logs.

3.

Trip-Based Tracking Policy

To ensure student safety while respecting individual privacy, Navigster employs strict "Trip-Based Tracking." Location data is only collected during active, assigned transit windows. Persistent background tracking outside of operational hours is strictly prohibited by our system architecture.

4.

Use of Information

Information collected is used exclusively for:

  • Facilitating safe and efficient institutional transport operations.
  • Providing real-time oversight to authorized institutional administrators.
  • Generating compliance reports and audit trails.
  • Improving platform performance and security features.

5.

Data Retention

We retain data only as long as necessary to fulfill the purposes for which it was collected, or as required by institutional agreements and applicable laws. Institutional data is typically archived or purged upon contract termination, subject to legal hold requirements.

6.

Data Sharing

Navigster does not sell personal or institutional data. Data is shared only with:

  • Authorized institutional administrators within your organization.
  • Third-party service providers (e.g., cloud hosting) who are contractually bound to maintain data confidentiality.
  • Legal authorities when required by a valid court order or subpoena.

7.

Multi-Tenant Data Isolation

Our platform utilizes enterprise-grade multi-tenant architecture. This ensures that data from one institution is logically and physically isolated from other institutions, preventing any unauthorized cross-access or data leakage.

8.

Data Security

We implement robust technical and organizational measures, including:

  • AES-256 encryption for data at rest.
  • TLS 1.3+ for data in transit.
  • Regular third-party SOC2 Type II audits.
  • Role-based access controls (RBAC).

9.

Children's Data

When serving educational institutions, Navigster complies with COPPA and FERPA regulations. We only collect the minimum amount of student data required for safe transit operations as directed by the educational institution.

10.

User Rights

Depending on your jurisdiction and institutional agreement, users may have the right to access, correct, or request deletion of their personal data. These requests should typically be initiated through the relevant institution's administrator.

11.

International Transfers

Data may be processed in various global regions. We ensure that any international transfers comply with relevant data protection laws, such as Standard Contractual Clauses (SCCs).

12.

Third-Party Services

The platform may integrate with third-party institutional tools (e.g., SIS or ERP systems). This policy does not cover the privacy practices of those third-party services.

13.

Policy Updates

We may update this policy periodically to reflect changes in our practices or regulatory requirements. We will notify institutional primary contacts of any material changes via email or platform announcements.

14.

Contact Information

For questions regarding this Privacy Policy or our data handling practices, please contact our Data Protection Office at:

Navigster Privacy Office

Email: privacy@Navigster.com

Address: 1200 Governance Plaza, Washington, D.C. 20001