GDPR Compliance Statement
GDPR Compliance Statement – tracer.co.il
This page explains how Tracer Technologies Ltd. ("Tracer", "we") processes personal data in accordance with the GDPR (EU 2016/679) when you visit or interact with tracer.co.il.
Roles & Responsibilities
- Data Controller – Website Leads: Tracer controls contact forms and marketing data collected on the Site.
- Data Processor – Fleet Services: For telemetry data of business customers, Tracer acts as a Processor under a separate service agreement.
Legal Bases for Processing
| Data Category | Legal Basis (Art. 6) |
|---|---|
| Contact / Lead Forms | Legitimate Interest (f) + implied consent |
| Marketing Emails | Explicit Consent (a) – opt-out anytime |
| Analytics Cookies | Consent via Cookie Banner |
| Legal / Accounting Records | Legal Obligation (c) |
International Data Transfers
Telemetry data is stored in secure cloud servers located in the EEA and backed up in the United States. Transfers rely on Standard Contractual Clauses (SCCs) and additional encryption safeguards.
Your GDPR Rights
- Right of Access (Art. 15)
- Right to Rectification (Art. 16)
- Right to Erasure ("Right to be Forgotten") (Art. 17)
- Right to Restrict Processing (Art. 18)
- Data Portability (Art. 20)
- Right to Object / Profiling (Art. 21-22)
To exercise any right, email [email protected]; we will reply within 30 calendar days.
Security Measures (Art. 32)
TLS 1.2+, AES-256 at rest, RBAC with MFA, daily encrypted backups, and semi-annual penetration tests.
EU Representative
Under Art. 27(2)(a) Tracer is not required to appoint an EU representative. Official inquiries can be sent to the email above and will be handled directly.
Lodging a Complaint
If you are an EEA resident and believe your data is processed in breach of the GDPR, you may lodge a complaint with your local Supervisory Authority or with the Israeli Privacy Protection Authority.
Last updated: 06 Aug 2025 · Version: 1.0