Privacy Policy
GDPR Commitment: OptiDrive is based in Dublin, Ireland and operates under the General Data Protection Regulation (EU) 2016/679. We are committed to processing all personal data lawfully, transparently, and with the minimum necessary scope. Your data is never sold, never traded, and never used for purposes beyond those described in this policy.
Who We Are
OptiDrive Fleet Solutions ("OptiDrive", "we", "us", "our") is a technology company incorporated and based in Dublin, Ireland. We are building a predictive fleet maintenance platform designed to help fleet operators prevent vehicle breakdowns before they occur, reduce unplanned downtime, and lower the total cost of fleet operations.
For the purposes of the General Data Protection Regulation (EU) 2016/679 ("GDPR") and the Data Protection Acts 1988–2018 (Ireland), OptiDrive Fleet Solutions is the data controller in respect of any personal data collected through this website or in connection with our research programme.
Our supervisory authority is the Data Protection Commission (DPC), located at 21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland. Website: www.dataprotection.ie
Scope of This Policy
This Privacy Policy applies to all personal data processed by OptiDrive in connection with:
• Visits to this website (optidrive.io)
• Submissions to our waitlist or early‑access programme
• Participation in our fleet research survey
• Discovery calls, pilot programme participation, or direct correspondence
• Any other interaction between you and OptiDrive
OptiDrive is currently in the research and development phase. No live fleet or vehicle data is collected, stored, or processed by our platform at this stage. The data described in this policy relates exclusively to interactions with our website and research programme.
This policy applies to all individuals, including prospective customers, research participants, business partners, suppliers, and any other stakeholders whose personal data we process.
Data We Collect
We collect only the personal data that is necessary for the stated purpose. We do not collect sensitive categories of personal data (as defined under GDPR Article 9).
3.1 Waitlist Registration
When you sign up for the OptiDrive waitlist, we collect:
| Field | Required? | Purpose |
|---|---|---|
| Email address | Required | To send you product updates and programme invitations |
| Professional role | Optional | To segment communications by relevance |
| Fleet size | Optional | To understand our audience and prioritise research |
3.2 Research Survey Responses
When you complete our fleet research survey, we collect:
| Field | Required? | Purpose |
|---|---|---|
| Role, fleet size, vehicle type | Required | To contextualise your responses for research purposes |
| Operational and maintenance responses | Required | To understand fleet pain points and validate product direction |
| Open‑text descriptions | Optional | Qualitative research into maintenance challenges |
| Email address | Optional | To follow up on research participation if you request it |
3.3 Discovery Calls and Correspondence
If you book a discovery call or contact us directly, we may collect your name, job title, company name, email address, phone number, and the contents of any correspondence exchanged.
3.4 Website Usage Data
When you visit this website, we may collect technical data including your IP address (anonymised), browser type, operating system, pages visited, time on site, and referral source. This data is collected via cookies. See Section 9 for full details.
How We Use Your Data
We use your personal data only for the specific purposes listed below. We do not use your data for automated decision‑making or profiling as defined under GDPR Article 22.
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Adding you to the product waitlist | Email address | Consent (Art. 6(1)(a)) |
| Sending product updates, launch news, and programme invitations | Email address, role | Consent (Art. 6(1)(a)) |
| Fleet maintenance research and product validation | Survey responses, role, fleet size | Legitimate interests (Art. 6(1)(f)) |
| Inviting you to discovery calls or pilot programmes | Email address, role | Consent / Contract (Art. 6(1)(a)/(b)) |
| Managing pilot programme participation | Contact data, correspondence | Contract performance (Art. 6(1)(b)) |
| Responding to enquiries | Contact data, correspondence | Legitimate interests (Art. 6(1)(f)) |
| Improving our website and user experience | Anonymised usage data, cookies | Consent (Art. 6(1)(a)) |
| Legal compliance and record‑keeping | As required | Legal obligation (Art. 6(1)(c)) |
Legal Basis for Processing
Under GDPR Article 6, we rely on the following legal bases:
Consent — Article 6(1)(a)
When you submit your email address via the waitlist form or agree to receive communications from us, you provide explicit, freely given, specific, and informed consent. You may withdraw this consent at any time by clicking the unsubscribe link in any email we send you, or by contacting us at privacy@optidrive.io. Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal.
Legitimate Interests — Article 6(1)(f)
We process fleet research survey responses and website usage data under legitimate interests. Our legitimate interest is in developing a data‑driven product that solves a genuine operational problem for fleet operators. We have conducted a legitimate interests assessment and are satisfied that this processing does not override your fundamental rights and freedoms. You have the right to object to processing on this basis; see Section 8.
Contract Performance — Article 6(1)(b)
Where you enter into an agreement with us — for example, by joining a pilot programme — we process personal data to the extent necessary to fulfil that agreement.
Legal Obligation — Article 6(1)(c)
We may process personal data where required to comply with a legal obligation to which we are subject, including applicable Irish and EU law.
Data Retention
We retain your personal data only for as long as is necessary for the purpose for which it was collected, or as required by applicable law. Our retention periods are as follows:
| Data Category | Retention Period | Reason |
|---|---|---|
| Waitlist email address | Until you unsubscribe, or 3 years from last engagement | To fulfil the purpose of the waitlist programme |
| Survey responses (non‑identifiable) | Indefinitely (aggregated/anonymised) | Ongoing product research; no personal data retained |
| Survey responses (linked to email) | 3 years from collection, or until erasure is requested | Research follow‑up and product development |
| Discovery call and correspondence data | 3 years from last contact | Relationship management and legal record‑keeping |
| Pilot programme data | Duration of programme + 5 years | Contractual and legal obligations |
| Website analytics data | 26 months (anonymised) | Industry‑standard analytics retention |
At the end of a retention period, personal data is securely deleted or anonymised. If you request erasure of your data, we will act on this within 30 days, subject to any legal obligations that require us to retain it.
Sharing Your Data
We do not sell, rent, trade, or otherwise transfer your personal data to third parties for commercial purposes.
We may share your personal data with the following categories of recipients only where necessary and under appropriate data protection agreements:
Service Providers (Data Processors)
We use a small number of carefully selected third‑party service providers to support our operations, including email delivery platforms, form submission tools, and website analytics. These providers act as data processors under GDPR Article 28, meaning they process your data solely on our instructions and are bound by contractual obligations that prevent them from using your data for their own purposes.
Business Partners and Investors
If we share aggregated, fully anonymised research findings with partners or investors, no personal data is included. We will never identify individual respondents in any external communication without your explicit consent.
Legal Requirements
We may disclose personal data to law enforcement, regulatory authorities, or other third parties where we are legally required to do so, or where such disclosure is necessary to protect the rights, safety, or property of OptiDrive, our users, or others.
Business Transfers
In the event of a merger, acquisition, or sale of all or part of our business, personal data held by us may be transferred to the relevant third party. We will notify you by email and/or a prominent notice on our website before your data is transferred or becomes subject to a different privacy policy.
Your Rights Under GDPR
Under the GDPR and Irish data protection law, you have the following rights in relation to your personal data. These rights apply to all individuals whose data we process, including customers, research participants, business partners, and stakeholders.
To exercise any of these rights, contact us at privacy@optidrive.io. We will respond within 30 days. There is no charge for making a request.
You can request a copy of all personal data we hold about you, along with information on how it is used and with whom it is shared.
You can ask us to correct any inaccurate or incomplete personal data we hold about you.
You can request that we delete your personal data where it is no longer needed, or where you withdraw consent. Also known as the “right to be forgotten”.
You can ask us to pause processing of your data in certain circumstances, for example while a dispute about accuracy is being resolved.
You can request your personal data in a structured, commonly used, machine‑readable format, and ask us to transmit it to another organisation.
You can object to processing based on legitimate interests. We will cease processing unless we can demonstrate compelling legitimate grounds that override your rights.
Where processing is based on your consent, you can withdraw it at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.
You have the right to lodge a complaint with the Data Protection Commission (DPC) if you believe your data has been processed unlawfully.
Cookies & Analytics
Cookies are small text files placed on your device when you visit a website. We use cookies to understand how visitors interact with our website and to improve the user experience.
Strictly Necessary Cookies
These cookies are essential for the website to function correctly. They do not collect personal data and cannot be disabled. They include session management and security cookies.
Analytics Cookies
With your consent, we use privacy‑respecting analytics tools to collect anonymised data on page views, session duration, and referral sources. This data is aggregated and cannot be used to identify you individually. We do not use Google Analytics or similar tools that share data with advertising networks.
No Advertising Cookies
OptiDrive does not use advertising cookies, tracking pixels, or third‑party retargeting technologies of any kind. We do not build behavioural profiles of our website visitors.
Managing Cookies
You can control and delete cookies through your browser settings. Disabling analytics cookies will not affect your ability to use this website. For instructions on managing cookies in your browser, visit www.allaboutcookies.org.
Data Security
OptiDrive takes the security of your personal data seriously. We implement appropriate technical and organisational measures to protect your data against unauthorised access, accidental loss, destruction, or alteration, consistent with our obligations under GDPR Article 32.
Our security measures include, but are not limited to:
• Encryption of data in transit (TLS/HTTPS) and at rest
• Access controls limiting personal data to authorised personnel only
• Use of reputable, security‑assessed third‑party processors
• Regular review of data handling procedures
• Prompt response protocols in the event of a data breach
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Data Protection Commission within 72 hours of becoming aware of the breach, and notify you directly where the risk is assessed as high, as required by GDPR Articles 33–34.
While we take every reasonable precaution, no method of data transmission over the internet is 100% secure. If you have concerns about the security of your data, please contact us immediately at privacy@optidrive.io.
International Data Transfers
OptiDrive is based in Ireland and operates primarily within the European Economic Area (EEA). We aim to store and process your personal data within the EEA wherever possible.
Where we engage service providers who process data outside the EEA, we ensure that appropriate safeguards are in place as required by GDPR Chapter V. These safeguards may include Standard Contractual Clauses approved by the European Commission, or processing in countries that have received an adequacy decision.
You may request details of the specific safeguards in place for any international transfers of your data by contacting us at privacy@optidrive.io.
Children’s Privacy
OptiDrive is a business‑to‑business platform intended solely for fleet operators, transport managers, and other industry professionals. Our services are not directed at, and we do not knowingly collect personal data from, individuals under the age of 18.
If you believe that a minor has submitted personal data to us without parental consent, please contact us at privacy@optidrive.io and we will take steps to delete the data promptly.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our data processing activities, legal requirements, or operational practices. When we make material changes, we will:
• Update the “Last updated” date at the top of this page
• Notify waitlist subscribers by email where the changes are significant
• In the case of substantial changes affecting how we use your data, seek fresh consent where required
We encourage you to review this policy periodically. Your continued interaction with OptiDrive after a policy update constitutes your acknowledgement of the revised policy.
Contact & Complaints
If you have any questions about this Privacy Policy, wish to exercise your GDPR rights, or have a concern about how we handle your personal data, please contact us using the details below. We will acknowledge your request within 5 working days and respond fully within 30 days.
Supervisory Authority
If you are not satisfied with our response, or if you believe we are processing your personal data in a manner that is not compliant with GDPR, you have the right to lodge a complaint with the Irish Data Protection Commission: