Сервісу GPS-моніторингу eQuGPS
Дата набрання чинності: 21 травня 2026 року
Ця Політика конфіденційності та безпеки (надалі — «Політика») є офіційним документом, який визначає детальний порядок, умови, мету та правові підстави збору, накопичення, обробки, зберігання, систематизації, захисту та видалення персональних даних та інформації користувачів (надалі — «Користувач»).
Дія цієї Політики поширюється на всю інформацію, що отримується та використовується вебсайтами equgps.ua, equgps.shop (надалі — «Сайт»), мобільними застосунками eQuGPS для операційних систем Android та iOS (надалі — «Застосунок»), а також супутнім програмним забезпеченням, серверною інфраструктурою та обладнанням GPS-моніторингу (надалі разом — «Сервіс»).
Володільцем та розпорядником персональних даних є ТОВАРИСТВО З ОБМЕЖЕНОЮ ВІДПОВІДАЛЬНІСТЮ «ЕКЮ ДЖІ ПІ ЕС» (код ЄДРПОУ: 41209867, юридична адреса: Україна, 04080, м. Київ, вул. Кирилівська, буд. 82, офіс 256) (надалі — «Компанія»).
Забезпечення конфіденційності та належного захисту персональних даних є пріоритетним обов'язком Компанії. У зв'язку з цим впроваджуються провідні галузеві стандарти безпеки з метою гарантування всебічної безпеки конфіденційної інформації Користувачів. Рекомендується детально ознайомитися з цим документом перед початком використання Сервісу.
1.1. Використання будь-якої частини Сайту, реєстрація облікового запису (акаунту) у Сервісі або завантаження та встановлення Застосунку eQuGPS на мобільний пристрій свідчить про повне та беззастережне ознайомлення Користувача з усіма пунктами цієї Політики, а також про надання добровільної, усвідомленої та явної згоди на обробку його персональних даних у спосіб, у межах та для цілей, що визначені цим документом.
1.2. Ця Політика розроблена у строгій відповідності до чинного законодавства України, зокрема:
Закону України «Про захист персональних даних» № 2297-VI;
Закону України «Про електронну комерцію» № 675-VIII;
Закону України «Про електронні комунікації» № 1089-IX.
У випадках, коли послуги Сервісу надаються Користувачам, які перебувають на території Європейського Союзу (ЄС) або є громадянами ЄС, обробка даних здійснюється також з урахуванням вимог Регламенту (ЄС) 2016/679 Європейського Парламенту та Ради від 27 квітня 2016 року про захист фізичних осіб у зв'язку з обробкою персональних даних і про вільний рух таких даних (Загальний регламент про захист даних — GDPR).
1.3. Обробка персональних даних здійснюється на основі таких законних підстав:
Згода суб'єкта персональних даних: Явна згода, надана під час реєстрації або активації окремих функцій (зокрема, доступу до даних геолокації).
Виконання зобов'язань за договором: Необхідність обробки даних для надання послуг GPS-моніторингу згідно з умовами Публічного договору-оферти.
Юридичне зобов’язання: Необхідність дотримання вимог чинного законодавства України (зокрема, у сфері податкового та бухгалтерського обліку).
Легітимний інтерес: Забезпечення належного рівня безпеки Сервісу, запобігання кібератакам, технічне вдосконалення функціонала та усунення системних помилок.
1.4. У разі незгоди з будь-якою з умов цієї Політики, використання Сервісу має бути припинено, а Сайт, Застосунок та підключене до Сервісу обладнання не підлягають подальшій експлуатації з боку Користувача.
1.5. Сервіс не призначений для використання особами, які не досягли 18-річного віку. Збір та обробка персональних даних неповнолітніх осіб без згоди їхніх батьків або законних опікунів навмисно не здійснюються. У разі виявлення факту ненавмисного отримання даних неповнолітньої особи, такі дані підлягають негайному видаленню.
Обробка персональних даних здійснюється виключно в обсязі, який є мінімально необхідним для забезпечення стабільного, точного та якісного функціонування системи GPS-моніторингу eQuGPS. Усі зібрані дані класифікуються за такими категоріями.
Identification and contact data: Surname, first name, patronymic (if available), contact phone number, email address, physical address for equipment delivery (in case of purchasing physical devices through the equgps.shop website), name of the legal entity, EDRPOU code, legal address and bank details (for corporate clients).
Authorization data: Unique login and password. Passwords are stored in databases exclusively in encrypted form using stable cryptographic algorithms (one-way hashing). Access of Company employees to passwords in unencrypted form is excluded.
Data about monitored objects: Information that the User independently enters into the system to identify connected objects (make, model, state license plate of the vehicle, VIN code, year of manufacture of the vehicle, driver's name or name of the moving object).
Support service request data: Text of messages, screenshots, sent files, as well as recordings of telephone conversations with support service operators (used exclusively for quality control of service and resolution of disputes).
This category of data is essential for the performance of the Service's core functionality. It comes from connected physical GPS trackers, beacons, on-board computers or mobile devices and includes:
Geographic data: Exact location coordinates (latitude, longitude, altitude), speed and direction of movement (azimuth), exact time and date of fixation of each GPS/GLONASS/Galileo satellite signal.
Diagnostic and sensor indicators: Data coming from additional sensors integrated with GPS equipment. In particular: fuel level in the tank (according to DUT data), volume of refueling and draining, engine or refrigerator temperature, ignition status, on-board network and battery voltage, odometer readings, engine operating hours, information from the vehicle's CAN bus, status of the panic button (SOS), etc.
Background Location Access: The eQuGPS mobile application can request and access the precise coordinates of the mobile device on which it is installed.
Functional purpose: Access to geodata (including in the background mode, when the Application is minimized, not displayed on the device screen or when the smartphone screen is locked) is carried out only if the User independently activates the "Mobile Tracker" function in the Application settings. In this mode, the mobile device functions as a virtual GPS beacon, transmitting coordinates to the system to ensure the possibility of monitoring the device's movement in the eQuGPS personal account.
Transparency and control:
The collection and processing of geodata in the background is under no circumstances carried out in a hidden manner or without prior receipt of the User's explicit and informed consent.
Before the mobile tracker function is launched for the first time, a clear information message (Prominent Disclosure) is displayed on the device screen, justifying the need for background geolocation.
The granted permission may be revoked by the User at any time by deactivating the tracker function in the Application or by changing the privacy settings in the mobile device settings. Deactivation of this function does not limit the ability to monitor other physical GPS trackers through the Application.
Location data is not used for ad targeting and is not shared with ad networks or third-party marketing companies.
Network identifiers: IP address from which the Service is accessed, cookies, session metadata.
Device data: Mobile device model and manufacturer, operating system version and type, unique device identifiers (IMEI, UUID, IDFA), screen resolution, interface language, network type (Wi-Fi, 4G, 5G), mobile operator name.
Logs and crash analytics: Information about system errors, Application crashes (Crash Reports collected using Firebase Crashlytics or similar services), information about loading speed and interface interaction time.
The collection, storage and processing of personal data is carried out exclusively for clearly defined, legitimate purposes that ensure the proper provision of services:
3.1. Ensuring the provision of monitoring services (fulfillment of contractual obligations):
Identification of the User in the system, creation and maintenance of secure access to the personal account.
Processing telemetry data to display the location of connected objects on interactive maps in real time.
Construction of detailed tracks (routes) of traffic for past periods, recording parking lots, stops and speeding.
Generation of reports on vehicle operation, analysis of fuel balance, calculation of distance traveled and engine hours.
Sending instant notifications about events (entering/exiting geofences, triggering the panic button, low tracker battery, speeding, etc.) using Push notifications in the Application, SMS messages, Viber/Telegram bots or emails.
3.2. Technical support and customer service:
Providing assistance in solving technical problems, remote configuration and diagnostics of connected GPS equipment.
Consulting on tariff plans, processing financial transactions, invoicing for subscription payments, providing certificates of work performed.
3.3. Improvement and development of the Service:
Analysis of technical logs and crash information to optimize server performance and improve the stability of the mobile application.
Assessing the popularity of individual features of the Service for the development of new tools and software updates.
3.4. Security and Abuse Prevention:
Preventing unauthorized access by third parties to the User's account.
Detection and blocking of attempted cyberattacks (DDoS attacks, SQL injections, etc.), payment card fraud, and other malicious actions.
Monitoring the stability of data transmission channels from GPS trackers to eQuGPS servers.
3.5. Marketing and communication (with consent):
Sending important service notifications (including warnings about scheduled maintenance, reminders about the need to renew your subscription).
Informing about new products, promotions, special offers, updates to the Application or expanded functionality. You can opt out of receiving advertising materials at any time through your profile settings or by activating the appropriate link in the email.
Data retention is limited to the period objectively necessary to achieve the purposes specified in this Policy or to comply with imperative legal requirements.
4.1. User profile data: Personal data provided during registration are stored in the system for the entire term of the contract and account activity. In case of inactivity and lack of subscription payment for 12 months, the account may be declared inactive with prior notification by email before archiving or deleting it.
4.2. Telemetry data (GPS history): Coordinates, movement reports and sensor data are stored on servers for a limited period determined by the selected tariff plan (from 30 to 365 calendar days). After this period, the data is automatically and irretrievably deleted from the active databases of the Service.
4.3. Backups: In order to ensure uninterrupted operation and protection against critical failures, database backups are created. The storage period of archival copies is up to 90 days from the moment of their creation, after which they are overwritten.
4.4. Tax and accounting data: Primary financial documents, contracts and bank statements containing personal data are stored for 3 (three) years from the moment of the transaction in accordance with the requirements of the Tax Code of Ukraine.
Ensuring the confidentiality and proper protection of personal data is a priority obligation of EQ GPS LLC. In this regard, a comprehensive approach is applied, which combines administrative, technical, organizational and physical protection measures.
Data in Transit: All traffic between the User's web browser, the eQuGPS mobile Application, physical GPS trackers and servers is encrypted using the HTTPS, SSL and TLS cryptographic protocols with a high level of security.
Data at Rest: Databases and sensitive system files are stored on servers encrypted using AES-256.
The Company operates a strict Least Privilege Principle. Only authorized technical employees who have a critical need to perform their job duties have access to Users' personal data and telemetry databases.
All employees with access to the data have signed legally binding non-disclosure agreements (NDAs). Violations of these rules are subject to disciplinary, financial and criminal liability in accordance with applicable law.
The servers are located in certified European and Ukrainian Tier III data centers that meet ISO 27001 security standards.
Data centers are equipped with 24-hour physical security, biometric access control, fire detection systems, and backup power sources.
Modern systems for traffic filtering and protection against network cyberattacks are used (Web Application Firewall, DDoS protection from Cloudflare or similar services).
The system is regularly scanned for vulnerabilities and an external security audit is carried out.
The sale, rental, exchange or other form of alienation of Users' personal data to third parties for commercial, advertising or marketing purposes is strictly prohibited. Data transfer to third parties is possible only in limited, clearly defined cases:
6.1. Transfer to technical partners (Sub-processors):
Verified third-party companies are involved in providing certain technical functions of the Service, which operate solely on the basis of contracts and are obliged to ensure an appropriate level of data protection. Such partners include:
Hosting providers: For secure data storage on rented cloud servers.
Map service providers (Google Maps API, OpenStreetMap, Mapbox): Only geographic coordinates are sent to these services to display the object on the map. The transfer of other personal data (names, phone numbers, license plates) is excluded.
Payment systems and acquiring (LiqPay, Portmone, etc.): Subscription payments are processed independently by the specified partners in accordance with PCI DSS standards. Bank card data is not collected and stored on the Company's servers.
Telecommunications companies and SMS gateways: To send service SMS messages or make automatic notification calls.
6.2. Cross-border data transfer:
In order to ensure high availability and system redundancy, data may be processed and stored on servers located in the European Union. Any cross-border transfer is carried out in accordance with the requirements of Ukrainian legislation and under the protection of Standard Contractual Clauses approved by the European Commission.
6.3. Legislative requirements:
Disclosure of personal data or movement history to state authorities (law enforcement agencies, courts, pre-trial investigation bodies) of Ukraine or EU countries is carried out exclusively on the basis of an official, properly executed court decision issued within the framework of criminal or civil proceedings, or in other cases expressly provided for by applicable law.
As a personal data subject, the User has the rights guaranteed by Article 8 of the Law of Ukraine "On Personal Data Protection" and the provisions of the GDPR (for EU residents). The subject has the right to:
7.1. Right to Access: Obtaining information about what data is being processed, requesting confirmation of the fact of processing, and obtaining a copy of this data.
7.2. Right to Rectification: The right to have inaccurate, outdated or incomplete personal data corrected (most data can be changed independently in your personal account or profile settings).
7.3. Data Deletion (Right to Erasure / "To be forgotten"): The requirement for the complete deletion of personal data from the Service system (according to the procedure described in section 8).
7.4. Right to Restriction of Processing: The requirement to suspend the processing of personal data (for example, for the duration of checking their accuracy at the User's request).
7.5. Objection to processing (Right to Object): The right to object to the processing of personal data based on the Company's legitimate interests or for direct marketing purposes.
7.6. Right to Data Portability: Receive personal data and telemetry history in a structured, commonly used machine-readable format (including .XLSX, .CSV, .GPX) for transmission to another service.
7.7. Right to Withdraw Consent: The right to withdraw consent to data processing at any time (including by changing permissions for the use of geodata).
7.8. Filing a complaint: In case of detection of violations of rights in the field of personal data protection, the Subject has the right to file a complaint with the Commissioner for Human Rights of the Verkhovna Rada of Ukraine (address: Kyiv, 21/8 Instytutska St., email: hotline@ombudsman.gov.ua) or to the court. EU residents have the right to file a complaint with the local data protection supervisory authority (DPA).
The right to complete deletion of personal data and account is exercised in two available ways:
Authorize in the eQuGPS Application on your mobile device.
Go to the "Settings" tab (gear icon).
Select "Profile" or "My Account" .
Scroll down the screen and click on the "Delete Account " button.
Confirm the action by entering a password or one-time confirmation code to prevent unauthorized deletion of the profile by third parties.
Send an email request to the technical support address support@equgps.ua .
The letter must be sent exclusively from the email address to which the account is registered in the eQuGPS Service.
Be sure to indicate in the subject line of the letter: "Request to delete account and personal data" .
In the body of the letter, indicate your login in the system and the phone number associated with your profile.
Within 24 hours, the account is blocked from logging in, and data transmission from GPS trackers to the system is stopped.
Within 30 calendar days , personal data (name, phone, email, monitoring objects) and all accumulated telemetry history from the Service's active databases are completely physically erased without the possibility of recovery.
A minimum part of information about financial transactions (checks, acts, payment amounts) is stored exclusively for the fulfillment of tax obligations in accordance with clause 4.4 of this Policy.
9.1. LLC "EQ GPS" reserves the right to unilaterally make changes, additions or updates to this Policy at any time, in particular in connection with changes in legislation, requirements of application stores (Google Play / App Store) or the introduction of new technologies.
9.2. In the event of significant changes that affect the User's rights or the procedure for using data, notification of such changes shall be made at least 10 calendar days before the date of their entry into force in one of the following ways:
Publication of an information banner on the main page of the Site;
Displaying an information window (pop-up) when launching the mobile Application;
By sending an official notification to the User's registered email address.
9.3. Continued use of the Service after the 10-day notice period expires means the User's full consent to the new version of the Privacy Policy.
To obtain clarifications, provide suggestions or comments, as well as to exercise your rights regarding personal data, you should contact the Data Protection Officer (DPO):
Data owner: LIMITED LIABILITY COMPANY "EQ GPS" (LLC "EQ GPS")
EDRPOU code: 41209867
Postal and legal address: 12, Heroiv Polku "Azov" St., office 330/1, Obolonskyi district, Kyiv 04212, Ukraine
Address for electronic requests: support@equgps.ua (with the note "For the Data Protection Officer")
Hotline: +380 99 745 75 45 (calls are charged according to the tariffs of the telecommunications operator)
Official website: equgps.ua