Effective date: 14 April 2026 · Last updated: 14 April 2026 ·
Adroit Limited, New Zealand
1. Who We Are
Adroit Limited ("we", "us", "our") operates the AssetTrack platform, accessible at assettrack.cloud and via our mobile applications. We provide asset cataloguing and tracking software for businesses.
If you have any questions about this policy or wish to exercise your privacy rights, contact us at privacy@assettrack.cloud.
2. What Information We Collect
Information you provide directly
- Account information — your name, email address, and password (stored as a one-way BCrypt hash; we never store your plain-text password)
- Organisation information — your company or tenancy name
- Asset data — names, descriptions, serial numbers, model numbers, purchase costs, market values, replacement values, and other details you enter about your assets
- Photos and videos — images and video notes you attach to assets, stored in Microsoft Azure Blob Storage
- Audio transcriptions — if you use the voice note feature, audio is transcribed and the text is stored; raw audio is not retained
Information collected automatically
- GPS location — when you scan a QR code or barcode, your device's GPS coordinates are recorded against that scan event (with your permission)
- Vehicle and equipment location — if you connect a GPS tracker to a vehicle or piece of plant, location data is transmitted continuously while the device is active
- Engine and telematics data — connected GPS trackers may transmit engine RPM, fuel level, odometer reading, coolant temperature, and other OBD-II data from your vehicles
- Usage data — standard web server logs including IP address, browser type, and pages accessed, retained for up to 30 days
Information collected from guest users
If you join an organisation's account as a guest via a scan-to-join session, we collect your scan activity for the duration of that session. Guest sessions expire automatically and access is revoked at session end.
3. How We Use Your Information
We use the information we collect to:
- Provide, operate, and maintain the AssetTrack platform
- Associate scanned assets with their physical locations
- Generate inventory reports, PDF labels, and compliance documentation on your behalf
- Send transactional emails such as account invitations, password resets, and MFA verification codes
- Monitor platform performance and diagnose technical issues
- Comply with our legal obligations
We do not use your data for advertising, profiling, or marketing purposes.
4. How We Store and Protect Your Information
- All data is stored in Microsoft Azure infrastructure in the Australia East region (Sydney)
- Data is transmitted exclusively over HTTPS / TLS 1.3
- Sensitive asset fields (names, descriptions, serial numbers, financial values, and personnel details) are encrypted at rest using AES-256-GCM encryption
- Passwords are hashed using BCrypt and are never stored or transmitted in plain text
- Access to your organisation's data is strictly isolated — no other organisation can access your data
5. Who We Share Your Information With
We do not sell, rent, or share your personal information with third parties for their own purposes.
We use the following sub-processors to operate the platform:
| Provider | Purpose | Location |
|---|
| Microsoft Azure | Cloud hosting, database, file storage, email delivery | Australia East |
| Flespi | GPS tracker data relay (vehicle tracking feature) | EU |
| Anthropic | AI-powered asset enrichment and OCR (optional feature) | USA |
Each sub-processor is contractually bound to process data only as instructed and in accordance with applicable privacy law.
6. Location Data
AssetTrack requests access to your device's GPS location when you scan assets. This is used solely to record where an asset was scanned. You may deny location permission — scanning will still work but no location will be recorded.
If you use the vehicle tracking feature, location data is collected continuously from hardware GPS trackers fitted to your vehicles. This data is visible only to authorised users within your organisation.
7. Camera and Microphone Access
The app requests camera access to:
- Scan QR codes and barcodes
- Capture photos of assets
- Record video notes
The app requests microphone access solely to record video notes. We do not access your camera or microphone at any other time.
Photos and videos you capture are stored in your organisation's secure storage and are accessible only to authorised users within your organisation.
8. Data Retention
- Account data is retained for as long as your organisation's account is active
- Asset data, photos, and videos are retained until you delete them or close your account
- Scan event and location history is retained indefinitely to support historical reporting
- Server logs are retained for up to 30 days
- Upon account closure, all your organisation's data is deleted within 30 days
9. Your Rights (New Zealand Privacy Act 2020)
Under the New Zealand Privacy Act 2020, you have the right to:
- Access the personal information we hold about you
- Correct any personal information that is inaccurate or incomplete
- Request deletion of your personal information, subject to any legal retention obligations
- Complain to the Office of the Privacy Commissioner if you believe we have breached your privacy rights
To exercise any of these rights, contact us at privacy@assettrack.cloud. We will respond within 20 working days.
If you are located in the European Economic Area, you may also have rights under the GDPR. Please contact us to discuss.
10. Children's Privacy
AssetTrack is a business-to-business platform and is not intended for use by anyone under the age of 16. We do not knowingly collect personal information from children.
11. Changes to This Policy
We may update this policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page. Continued use of the platform after changes are posted constitutes acceptance of the updated policy.