Privacy Policy

uptechsoft.com

Effective Date: June 12, 2026

This site is operated by Upgrade Technology, LLC (dba 'Uptechsoft').

  1. Introduction

Uptech Software LLC ("Uptech," "we," "us," or "our") is committed to protecting the privacy and security of information processed through our platform. This Privacy Policy (“Privacy Policy”) describes how we collect, use, store, and protect information when you access or use our platform and services at uptechsoft.com (the “Platform”) and all related products, services, features, tools, web applications, and content offered by Uptech (collectively, the "Service"). The terms “you” and “your” refer to the user of the Service. If you are using the Service on behalf of a business, association, or other entity, “you” or “your” will also refer to such business, association, or other entity, unless the context clearly dictates otherwise. You represent and warrant that you are authorized to consent to these terms on behalf of such business, association, or other entity, and we may rely on this representation. This Privacy Policy also explains how Uptech may use and share your Personal Information (as defined in Section 3), as well as the choices available to you.

This Privacy Policy applies to all users of the Service, including employees of subscribing organizations, authorized third-party contractors, and any individual who accesses the Service. By using or continuing to use the Service, you acknowledge that you have read and understand this Privacy Policy and agree to the Terms of Service, which is incorporated by reference. If you choose to access or use the Service, your access and use, and any dispute over privacy, are subject to this Privacy Policy and our Terms of Service, including, but not limited to, limitations on damages and resolution of disputes. Where we rely on consent as the legal basis for processing your Personal Information, we will obtain your affirmative consent through clear opt-in mechanisms at the point of collection. You may withdraw your consent at any time; however, the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Where we rely on other legal bases for processing (such as contractual necessity or legitimate interests), your continued use of the Service constitutes your acknowledgment of such processing as described herein. If you do not agree, please do not access or use the Service.

By using or continuing to use the Service, you acknowledge that you have read and understand this Privacy Policy and agree to the Terms of Service (incorporated herein by reference). Your access and use of the Service, and any dispute over privacy, are subject to this Privacy Policy and the Terms of Service, including limitations on damages and dispute resolution procedures.

The Service is a business-to-business platform intended for use by authorized business users within client organizations (i.e., rental car companies and their personnel). Access to the Service is provided following execution of a master services agreement with Uptech. Login credentials are issued by the subscribing organization or by Uptech on behalf of the subscribing organization. To use the Service, you must be, and you represent and warrant that you are, at least the age of majority in your state, province, or jurisdiction of residence and competent to agree to these terms.

  1. Our Role: Data Processor vs. Data Controller

For Customer Data (as defined in Section 3.1) submitted to the Platform by or on behalf of subscribing organizations, Uptech operates as a data processor (or “service provider” under certain state privacy laws) on behalf of our customers (the data controllers). Our customers determine the purposes and means of processing Customer Data. Uptech processes Customer Data solely to provide the Service as instructed by the customer pursuant to the applicable master services agreement and any data processing addendum.

For Account Data and Usage Data (each as defined in Sections 3.2 and 3.3 below) related to the operation of the Service itself, Uptech acts as the data controller and determines the purposes and means of processing such information. This Privacy Policy primarily addresses Uptech’s practices as a data controller with respect to Account Data and Usage Data.

  1. Information We Collect

    1. Customer Data (Processed on Behalf of Customers)

The following data may be submitted to the Platform by or on behalf of subscribing organizations (“Customer Data”), which may include:

  1. Toll transaction records (toll amount, date, time, location, plaza, authority, plate number, transponder ID);

  2. Fleet and vehicle data (VIN, plate number, vehicle make/model, registration status);

  3. Rental agreement data (renter name, rental period, checkout/checkin locations, vehicle assignments);

  4. Transponder records (transponder ID, assignment history, installation records, activation status);

  5. Violation and citation records (citation number, amount, authority, resolution status);

  6. Billing and fee data (calculated fees, taxes, exchange rates, statement records); and

  7. Partner integration data (file imports, format mappings, acknowledgment records); and

  8. Payment token data (tokenized payment credentials for renter billing, which does not include credit card numbers, cardholder names, or billing addresses).

  1. Account Data (Controlled by Uptech)

We collect the following information to operate and secure user accounts (“Account Data”), which may include:

  1. Name, email address, and job title of authorized users;

  2. Organization name and account configuration;

  3. Login credentials (passwords are stored in hashed form only);

  4. Role and permission assignments; and/or

  5. Payment token data (tokenized payment credentials for billing purposes, which does not include credit card numbers, cardholder names, or billing addresses).

  1. Usage Data (Collected Automatically)

We automatically collect certain information when you use the Service (“Usage Data”), which may include:

  1. IP address and approximate geographic location;

  2. Browser type and operating system;

  3. Pages and features accessed within the Service;

  4. Date and time of access; and

  5. Actions performed within the Service (audit log).

  1. Personal Information

When we refer to “Personal Information” in this Privacy Policy, we mean any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household. Personal Information includes Account Data and Usage Data to the extent such data constitutes Personal Information under applicable law.

  1. How We Use Information

We use Personal Information for the following purposes. For each purpose, we have identified the legal basis under the EU General Data Protection Regulation (“GDPR”) and, where applicable, the business purpose categories recognized under California and other U.S. state privacy laws:

  1. To provide, operate, and maintain the Service. Legal basis: Art. 6(1)(b) GDPR (performance of a contract).

  2. To process toll transactions, match them to rental agreements, calculate billing, and process payments using tokenized payment credentials. Legal basis: Art. 6(1)(b) GDPR (performance of a contract).

  3. To manage user accounts and enforce access controls. Legal basis: Art. 6(1)(b) GDPR (performance of a contract); Art. 6(1)(f) GDPR (legitimate interests in platform security).

  4. To communicate with users about the Service, including support and operational notifications. Legal basis: Art. 6(1)(b) GDPR (performance of a contract); Art. 6(1)(f) GDPR (legitimate interests in customer communication).

  5. To monitor and improve the performance, security, and reliability of the Service. Legal basis: Art. 6(1)(f) GDPR (legitimate interests in service improvement and security).

  6. To comply with legal obligations. Legal basis: Art. 6(1)(c) GDPR (legal obligation).

  7. To generate de-identified, aggregated, or anonymized analytics about platform usage (never at the individual or customer-identifiable level). Once de-identified, we do not attempt to re-identify the data and we implement technical, organizational, and contractual measures to prevent re-identification. Legal basis: Art. 6(1)(f) GDPR (legitimate interests in service analytics and improvement).

  1. Information Sharing and Disclosure

We do not sell, rent, release, or share Personal Information to third parties for monetary or other valuable consideration. We do not engage in cross-context behavioral advertising or share Personal Information with third parties for targeted advertising purposes. We may share information only in the following circumstances:

  1. With the customer's authorized users and administrators, as determined by the customer's access configuration. Legal basis: Art. 6(1)(b) GDPR (performance of a contract).

  2. With toll authorities, as necessary to register plates, activate transponders, or resolve violations on behalf of the customer. Legal basis: Art. 6(1)(b) GDPR (performance of a contract).

  3. With infrastructure and service providers who assist in operating the Service (e.g., cloud hosting, email delivery), provided such providers are subject to written contracts that restrict the use of Personal Information to the purposes for which it is disclosed and require the service provider to maintain confidentiality. Legal basis: Art. 6(1)(b) GDPR (performance of a contract); Art. 6(1)(f) GDPR (legitimate interests).

  4. As required by law, regulation, legal process, or governmental request. Legal basis: Art. 6(1)(c) GDPR (legal obligation).

  5. To protect the rights, property, or safety of Uptech, our customers, or others. Legal basis: Art. 6(1)(f) GDPR (legitimate interests in protecting rights and safety).

  6. In connection with a merger, acquisition, financing, divestiture, restructuring, reorganization, bankruptcy, dissolution, or sale of some or all of our assets (whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding), or transition of the Service to another provider. In such event, Personal Information held by us about you may be among the assets transferred. We will provide notice to affected subscribing organizations prior to such transfer taking effect. Legal basis: Art. 6(1)(f) GDPR (legitimate interests in business transactions).

  1. Data Retention

Customer Data is retained for the duration of the customer's subscription and for a period of one hundred eighty (180) days following termination or expiration to allow for data export late-posting toll matching, and transaction reconciliation, unless a longer retention period is required by applicable law or the customer's subscription agreement specifies different retention terms.

After the retention period, we permanently delete Customer Data from active systems within one hundred eighty (180) days. Backup copies may persist for up to an additional ninety (90) days in accordance with our backup retention schedule, after which they are destroyed in accordance with our data destruction procedures.

We retain Account Data and Usage Data for as long as reasonably necessary to fulfill the purposes for which they were collected, manage your relationship with us, provide the Service, and comply with legal, accounting, or reporting obligations. In determining the appropriate retention period, we consider the nature and sensitivity of the information, the purposes for which it is processed, applicable legal and regulatory requirements, and applicable statutes of limitations.

  1. Data Security

Uptech has implemented reasonable technical, physical, administrative, and organizational safeguards designed to protect information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  1. Encryption of data in transit (TLS 1.2+) and at rest (AES-256);

  2. Row-level security at the database level to enforce tenant data isolation;

  3. Role-based access controls with per-application permission management;

  4. Comprehensive audit logging of all data access and modifications;

  5. Regular security assessments and vulnerability monitoring; and

  6. Access controls for Uptech personnel, limited to need-to-know basis.

Notwithstanding the foregoing, no system or network can be guaranteed to be one hundred percent (100%) secure, and we cannot ensure or warrant the security of any information transmitted to or stored within the Service. Any transmission of information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Service. Where we have given you (or where you have chosen) a password for access to certain parts of the Service, you are responsible for keeping this password confidential. In the event of a data breach involving Personal Information, we will notify affected parties and the applicable supervisory or regulatory authorities as required by applicable law.

  1. Cookies and Tracking Technologies

The Service uses only functional cookies that are strictly necessary for the operation of the Platform. These include:

  1. Session cookies to maintain your authenticated session;

  2. Security cookies to prevent cross-site request forgery and other attacks; and

  3. Preference cookies to remember your display and configuration settings.

We do not use advertising cookies, third-party tracking cookies, or analytics cookies that track users across websites. We do not engage in behavioral advertising, cross-site tracking, or share Personal Information with third parties for targeted advertising purposes.

  1. “Do Not Track” Signals

“Do Not Track” (“DNT”) is a privacy preference you can set in certain web browsers. When you turn on this preference, it sends a signal or message to the websites you visit indicating that you do not wish to be tracked. Please note that we currently do not respond to or honor legacy DNT signals or similar mechanisms transmitted by web browsers, as there is no common industry standard for compliance with DNT signals.

  1. Mechanisms to Control Cookies and Other Technologies

You may be able to set your browser to reject cookies and certain other technologies by adjusting the appropriate settings in your browser. Each browser is different, but many common browsers have preferences that may be adjusted to allow you to either accept or reject cookies and certain other technologies before they are set or installed, or allow you to remove or reject the use or installation of certain technologies altogether. We recommend that you refer to the “Help” menu in your browser to learn how to modify your browser settings. Please note that if you disable or refuse cookies, some parts of the Service may become inaccessible or may not function properly.

  1. Third-Party Technologies and Third-Party Websites

This Privacy Policy covers the use of cookies by Uptech and does not cover the use of tracking technologies by any third parties. The Service may contain links, content, or references to other websites or applications operated by third parties. These third-party services, websites, or applications are not controlled by us and may have privacy policies that differ from our own. We encourage you to read the privacy statements and terms and conditions of each third-party website and application with which you interact. We do not endorse, screen, or approve, and are not responsible for the privacy practices of such third parties or the content of their applications or websites. Providing Personal Information to third-party websites or applications is at your own risk.

  1. Google Analytics and Other Analytics Services

The Service may use Google Analytics, Amplitude, and other analytics service providers, which use cookies and similar technologies to collect and analyze information about use of the Service and report on activities and trends. These services may also collect information regarding the use of other websites, apps, and online resources. You can learn about Google’s practices by going to www.google.com/policies/privacy/partners/, and opt out of them by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.

  1. State Privacy Law Compliance

Uptech complies with applicable state privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), Colorado Privacy Act (CPA), Connecticut Data Privacy Act (CTDPA), Delaware Personal Data Privacy Act (DPDPA), Texas Data Privacy and Security Act (TDPSA),  Virginia Consumer Data Protection Act (VCDPA), and other similar state privacy laws as they become effective.

Because Uptech operates as a data processor (or service provider) with respect to Customer Data, the subscribing organization (as the data controller or business) is generally responsible for responding to data subject requests relating to Customer Data. If you are an end user of a subscribing organization and wish to exercise privacy rights with respect to Customer Data, please contact your organization directly. We will assist our customers in responding to such requests as required by our agreements with them. The rights described below apply to Personal Information that Uptech controls (but excluding Customer Data).

Uptech does not sell or share Personal Information for monetary or other valuable consideration and does not engage in cross-context behavioral advertising. Accordingly, Uptech does not maintain a “Do Not Sell or Share My Personal Information” link, as no such opt-out is required. 

  1. Your Privacy Choices and Rights

Depending on your jurisdiction, you may have the right to:

  1. Know what Personal Information we collect and how it is used.

  2. Request correction of inaccurate Personal Information we maintain about you;

  3. Request deletion of your Personal Information.

  4. Opt out of the sale of Personal Information (note: Uptech does not sell Personal Information).

  5. Access your Personal Information in a portable format.

  6. Not be discriminated against for exercising your privacy rights.

  7. Object to processing of your Personal Information where we rely on legitimate interests as the legal basis, on grounds relating to your particular situation. Upon receipt of your objection, we will cease processing your Personal Information unless we demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims.

  8. Lodge a complaint with a supervisory authority. If you are in the European Economic Area (EEA), you have the right to complain to a Data Protection Authority about our collection and use of your Personal Information. For more information, please contact your local data protection authority in the EEA.

To exercise any of these rights with respect to Account Data or Usage Data controlled by Uptech, contact us at privacy@uptechsoft.com. We will respond to and process such requests within the timeframe required by applicable law.

  1. Verification

To protect your privacy, we will take steps to verify your identity before fulfilling your request. When you make a request, we may ask you to provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative.

  1. Authorized Agent

Only you, or someone legally authorized to act on your behalf, may make a verifiable request related to your Personal Information. To designate an authorized agent, please contact us at privacy@uptechsoft.com and provide written authorization signed by you and your designated agent.

  1. Right to Appeal

If you are dissatisfied with our response to your privacy request, you may request reconsideration by sending a written request to privacy@uptechsoft.com. Within sixty (60) days of our receipt of such written request for reconsideration (or within forty-five (45) days for residents of Connecticut and other states where required by applicable law), we will inform you in writing of any action taken or not taken in response to your request for reconsideration, including a written explanation of the reasons for the decision.

Residents of Connecticut may file a complaint with the Connecticut Attorney General if dissatisfied with our response to an appeal.

  1. California “Shine the Light”

The California “Shine the Light” law (Cal. Civ. Code § 1798.83) permits users who are California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed their Personal Information (if any) for direct marketing purposes in the prior calendar year, as well as the type of Personal Information disclosed to those parties. As described in this Privacy Policy, Uptech does not share Personal Information with third parties for their direct marketing purposes. If you are a California resident and would like to make such a request, please contact us at privacy@uptechsoft.com.

  1. Nevada Opt-Out Right

If you are a resident of Nevada, you have the right under Nevada Revised Statutes Chapter 603A to opt out of the sale of certain Personal Information to third parties who intend to license or sell that Personal Information. As described in this Privacy Policy, Uptech does not sell Personal Information. If you would like to exercise this right or have questions, please contact us at privacy@uptechsoft.com.

  1. Sensitive Personal Information

Uptech does not intentionally collect sensitive Personal Information (such as racial or ethnic origin, religious beliefs, health information, sexual orientation, citizenship or immigration status, genetic or biometric data, or precise geolocation data) through the Service. If we become aware that we have collected sensitive personal information, we will handle it in accordance with applicable law. Residents of certain states may have the right to limit the use and disclosure of sensitive personal information. To exercise this right, please contact us as described in Section 9.1.

  1. Financial Incentives

We do not offer financial incentives, price differences, or service differences in exchange for the retention, sale, or sharing of your Personal Information. In the event we offer any such program in the future, we will provide you with the material terms of the program, obtain your opt-in consent, and notify you of your right to withdraw from the program at any time.

  1. Profiling and Automated Decision-Making

Certain state privacy laws provide residents with the right to opt out of profiling in furtherance of decisions that produce legal or similarly significant effects. “Profiling” means any form of automated processing of Personal Information to evaluate, analyze, or predict personal aspects concerning an identified or identifiable individual’s economic situation, personal preferences, interests, reliability, behavior, location, or movements. Uptech does not currently engage in profiling that produces legal or similarly significant effects on users. If this changes in the future, we will update this Privacy Policy and provide you with the right to opt out of such profiling. Where required by applicable law, you may also request human review of any decision made solely by automated means.

  1. International Data Processing

The Service is hosted and operated in the United States. If you provide Personal Information through or in connection with the Service, you acknowledge and agree that such Personal Information may be transferred from your current location to the offices and servers of Uptech and our service providers located in the United States, which may have data protection laws that are different from the laws where you live.

For customers operating in multiple countries (including cross-border toll scenarios involving Canada, Mexico, or other jurisdictions), data processing occurs in accordance with the customer's master services agreement and any applicable data processing addendum. Where required by applicable law, we implement appropriate safeguards for international data transfers, including Standard Contractual Clauses approved by the European Commission, adequacy decisions, or other lawful transfer mechanisms.

  1. Children's Privacy

The Service is a business-to-business platform and direct users of the Service are business users within subscribing organizations (not individual renters). We do not knowingly collect Personal Information from children under the age of thirteen (13) (or such higher age as may be required by applicable law) without verifiable parental consent. With respect to Customer Data that may contain information about renters (including renters under age eighteen (18)), our subscribing organizations (as the data controllers) are responsible for ensuring appropriate consents and legal bases for processing such data. If we become aware that we have inadvertently collected or received Personal Information from a child without appropriate consent, we will use reasonable efforts to delete such information promptly. If you are a parent or legal guardian and believe your child has provided us information without your consent, please contact us at privacy@uptechsoft.com.

  1. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy from time to time in order to reflect changes to our practices or for other operational, legal, or regulatory reasons. When we make material changes, we will communicate such changes to subscribing organizations via email or through the Service with at least thirty (30) days' notice prior to the changes taking effect.

The date of the most recent revision will be indicated at the top of this page. Your continued use of or access to the Service following the posting of any changes to this Privacy Policy constitutes acceptance of those changes.

  1. Contact Information

For questions or concerns about this Privacy Policy or our data practices, please contact:

Uptech Software LLC

Privacy Inquiries: privacy@uptechsoft.com

General Inquiries: info@uptechsoft.com

Address: 3050 Biscayne Blvd. Ste 400, Miami, FL 33137

How We Work

Solutions

Platform

Capabilities

Contact

Log In

Get a Demo

How We Work

Solutions

Platform

Capabilities

Contact

Log In

Get a Demo

Log In

Get a Demo

How We Work

Solutions

Platform

Capabilities

Contact

Log In

Get a Demo

Built for fleets. Not the other way around.

© 2026 Upgrade Technology, LLC. All rights reserved.

Privacy Policy

Terms of Service