Help Customer portal Get started Sign in to app

Legal

Privacy Policy

Last updated: 15 April 2026

This Privacy Policy explains how TreadOS collects, uses, stores, shares, and protects personal information when people visit our website, use our software, use the TreadOS mobile application, access customer or technician portals, interact with our support team, or otherwise engage with our services. It is intended to support privacy expectations commonly arising in New Zealand, Australia, the United Kingdom, and the United States, but mandatory local laws and non-excludable rights will always prevail where they apply.

1. Who we are

TreadOS provides software and related services for tyre workshops, fleet service operations, technicians in the field, and customer-facing portal access. In many cases we act as a service provider or processor on behalf of the workshop, fleet operator, or business customer that uses our platform. In other cases, such as when you visit our website, request information, manage your own account directly with us, or communicate with us, we may act as the controller or equivalent business responsible for your information.

2. Scope of this policy

This policy applies to information collected through our public website, sign-up and sign-in flows, the TreadOS mobile and web applications, technician and worker workflows, customer portal features, billing and subscription administration, communications, and related support or sales interactions. It also applies to information stored locally on supported devices for offline operation and later synchronisation. It does not apply to third-party websites, software, services, app stores, payment environments, or external pages that we do not control, even if they are linked from our platform.

3. Information we collect

Depending on how you interact with us, we may collect and process:

  • Identity and contact information, such as names, email addresses, phone numbers, job titles, organisation details, and account profile information.
  • Account and authentication data, such as sign-in identifiers, password hashes or authentication verifiers, login attempts, security events, session tokens, and account preferences.
  • Operational and customer-record data entered into the service, including workshop, technician, worker, customer, vehicle, fleet, registration, VIN, axle layout, wheel map, tyre, inspection, job, quote, invoice, and service-history records.
  • Inspection and field-service data, such as wheel measurements, tread depth, tyre pressure, torque and fitment details, odometer readings, service notes, timestamps, completion details, and job status information.
  • Photos and image data, such as wheel photos, inspection photos, or camera images used to assist with registration plate capture and related OCR or text-recognition functions.
  • Audio and speech data, such as microphone input used for dictation, voice notes, or speech-to-text features, and the text transcripts produced from that input.
  • Location data, including approximate location inferred from IP address for website and service security purposes and, where enabled in the mobile app, device-derived location data used in technician workflows, job completion, auditing, dispatch, proof-of-service, or operational records.
  • Usage, device, and technical information, such as browser type, device model, operating system, app version, crash or error information, logs, timestamps, connectivity state, session activity, and feature interaction data used for security, support, diagnostics, and service improvement.
  • Billing and subscription information, such as plan selections, subscription status, invoices, and payment-related metadata supplied by billing or payment providers.
  • Communications and support records, including emails, requests, feedback, attachments, and other information you choose to send us.

4. How we collect information

We collect information directly from you, from the organisation that gives you access to the service, automatically through normal platform operation, from supported device capabilities, and from service providers or integration partners involved in identity, hosting, analytics, communications, billing, mapping or location services, speech processing, security, or support. We may also receive information when a workshop, fleet operator, or other customer invites a user into the platform or portal, creates or assigns work, imports records, or synchronises operational data with our service.

5. Mobile app permissions and device features

The TreadOS mobile application may request access to certain device permissions and capabilities when they are needed for a feature you choose to use. These may include:

  • camera access for registration capture, plate-recognition assistance, wheel photography, inspection photos, and related image workflows;
  • microphone or audio access for dictation, voice notes, and speech-to-text features;
  • location access for job completion, proof-of-service, operational auditing, navigation support, or related service records; and
  • network access for authentication, synchronisation, uploads, downloads, and secure communication with our services.

Where the operating system requires it, these permissions are requested at runtime and can usually be allowed or denied through device settings. If a permission is denied, some app features may not function or may function in a limited way. We do not state that camera, microphone, or location data is collected continuously in the background unless a specific feature clearly requires it and the app presents that behaviour.

6. How we use personal information

We use personal information as reasonably necessary to:

  • provide, operate, secure, maintain, and improve the service;
  • create and administer accounts, subscriptions, technician access, and customer portal access;
  • authenticate users, manage permissions, protect sessions, prevent fraud, and enforce security controls;
  • process workshop, fleet, vehicle, wheel, inspection, quote, invoice, and related operational workflows;
  • capture, process, and store job photos, inspection photos, registration images, notes, speech transcripts, and related workflow records;
  • assist with registration extraction, OCR, speech-to-text, vehicle lookup, intake automation, and similar product features;
  • record service details such as location, timestamps, odometer values, measurements, and completion events where relevant to the workflow;
  • support offline operation, local caching, and later synchronisation when network access is restored;
  • process transactions, manage billing, prevent fraud, and collect amounts due;
  • deliver support, onboarding, communications, and service notices;
  • monitor performance, investigate faults, troubleshoot issues, audit changes, and improve reliability and usability;
  • comply with legal obligations, lawful requests, and recordkeeping duties; and
  • protect our rights, users, customers, systems, and the public from misuse, abuse, safety risks, or security threats.

7. Speech, image recognition, and automated assistance

Some features may use automated assistance, including on-device or service-assisted text recognition, speech recognition, registration capture, vehicle suggestion, and similar workflow helpers. Depending on the feature, processing may occur locally on the device, through the device operating system or speech-recognition provider, through our backend services, or through service providers engaged to support that feature. For example, speech-to-text may be handled by an on-device model in some cases and by the device or platform speech recognizer in others. Where these features are used, the relevant input and output, such as audio, photos, recognised text, or vehicle attributes, may be processed to deliver the requested function.

8. Local device storage and offline use

The mobile app may store data locally on the device to support offline access, faster performance, pending work, draft entries, cached reference data, security, and later synchronisation. This local data may include account and session-related information, customer and vehicle records, inspection data, wheel or tyre records, notes, photos, transcripts, configuration settings, and similar operational information. Temporary files may also be created in app-controlled storage or cache areas during camera, dictation, and upload workflows. Some locally stored data may remain on the device for a period of time to support ongoing use, offline workflows, troubleshooting, or later synchronisation, subject to app behaviour, device settings, customer instructions, and our retention practices.

9. Background sync, uploads, and service communications

When a user is signed in and the service is available, the app may periodically communicate with our systems to refresh configuration, synchronise assigned data, upload pending job information or photos, retrieve updates, and keep records current across devices and services. These communications may happen while the app is not actively on screen, subject to device, operating system, and app settings. Uploaded information may include operational records, job status, notes, measurements, customer and vehicle information, completion data, photos, and other data necessary to support the service.

10. Legal bases and regional privacy rights

Where required by applicable law, we rely on one or more lawful bases for processing, including contract performance, legitimate interests, consent, compliance with legal obligations, and protection against fraud, misuse, or safety risks. If you are in the United Kingdom, this includes lawful bases recognised under UK data protection law. If you are in New Zealand or Australia, we handle personal information in a manner intended to support applicable privacy principles, including access and correction rights. If you are in the United States, additional state privacy rights may apply depending on your location and our role in relation to the information.

11. Cookies, similar technologies, and app technologies

We may use cookies, local storage, device identifiers, cached files, encrypted preferences, logs, and similar technologies to keep users signed in, remember preferences, secure sessions, support offline operation, store app configuration, process queued work, understand service performance, and improve the service. You can usually adjust browser or device settings to manage some of these technologies, but some parts of the service may not function properly if essential technologies are disabled or app data is removed.

On our public website we may use Google Analytics (a service provided by Google LLC or its affiliates) to collect statistics about how visitors use our pages, such as approximate geography, device and browser types, pages or features viewed, session duration, and referral sources. Google Analytics uses cookies or similar technologies; information generated may be processed by Google in accordance with its policies. You can read how Google uses data from sites that use its services in Google's privacy & terms for partner sites, and you may be able to limit certain Google Analytics collection through your browser settings, Google's optional browser add-on where offered, or consent tools where we present them.

12. When we share information

We may share information with:

  • hosting, infrastructure, storage, communications, support, billing, security, and technology providers that help us run the service;
  • platform, device, mapping, location, text-recognition, speech-recognition, or similar providers where their services are needed to deliver a feature you use;
  • the business customer, workshop, fleet operator, or organisation that administers your account, assigned work, or customer relationship;
  • professional advisers, auditors, insurers, financiers, and contractors where reasonably necessary;
  • law enforcement, regulators, courts, or other parties where disclosure is required or reasonably necessary to comply with law or protect rights, property, or safety; and
  • a buyer, investor, successor, or transaction counterparty in connection with a merger, acquisition, financing, restructure, or asset sale.

We do not sell personal information in the ordinary sense of exchanging it for money. We also do not knowingly share personal information for unrelated third-party direct marketing.

13. International transfers

Your information may be processed in countries other than the country where it was collected. Where cross-border transfers occur, we take reasonable steps intended to ensure appropriate protections are in place, which may include contractual commitments, access controls, vendor due diligence, encryption, organisational controls, and other safeguards appropriate to the nature of the information and our role.

14. Data retention

We retain information for as long as reasonably necessary for the purposes described in this policy, including to provide the service, maintain business and audit records, support offline and synchronisation workflows, resolve disputes, enforce agreements, and meet legal, tax, accounting, security, and safety requirements. Retention periods may vary by data type, customer contract, platform settings, app design, legal obligations, and operational needs. Temporary files and cached data may be deleted automatically by app logic, overwritten by later activity, removed through device or app settings, or retained until synchronisation or troubleshooting needs have been satisfied.

15. Security

We use administrative, technical, and physical safeguards that are designed to protect personal information from unauthorised access, misuse, alteration, loss, and disclosure. These may include transport encryption, access controls, app sandboxing, restricted storage areas, encrypted secret storage for certain credentials, authentication controls, and role-based access measures where appropriate. No method of transmission, storage, or security control is perfect, and we cannot guarantee absolute security. Users and customers are responsible for maintaining appropriate passwords, access controls, device security, endpoint protection, and internal handling practices on their side.

16. Your choices and rights

Subject to applicable law and our role in relation to the information, you may have rights to request access to, correction of, deletion of, portability of, restriction of, or objection to certain processing of your personal information. You may also have the right to withdraw consent where processing depends on consent, including by changing device permission settings where applicable, and the right to complain to a privacy regulator or supervisory authority. We may need to verify your identity and the scope of your request before taking action, and some records may be exempt from deletion or access rights due to legal, security, contractual, operational, safety, or customer-instruction reasons.

17. Customer data, workplace accounts, and technician devices

When a workshop, fleet operator, or other business customer uses TreadOS, that customer is typically responsible for deciding what information is entered into the platform, which workers or technicians may access it, what work is assigned, and what instructions we are permitted to follow. If your information was provided by one of our customers, you may wish to contact that organisation first, because it may control the relevant data and the permissions or retention rules that apply to it. Where technicians use managed or shared workplace devices, customers and users are responsible for maintaining appropriate device controls, logins, and operational practices.

18. External links and third-party environments

Some parts of the service may open external pages, such as customer portal links, invoice links, quote links, browser pages, app store pages, or provider-operated speech or platform features. Those third parties may apply their own terms, cookies, tracking, and privacy practices, and we are not responsible for environments we do not control.

19. Children's privacy

The service is intended for business and commercial use. It is not directed to children, and we do not knowingly collect personal information from children in a manner that would require parental consent under applicable law. If you believe a child has provided personal information to us improperly, please contact us so we can investigate and take appropriate action.

20. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our business, legal obligations, security practices, service providers, product features, or mobile app capabilities. The updated version will become effective when posted unless a later date is stated. Your continued use of the service after an update takes effect means you acknowledge the revised policy, subject to any rights you may have under applicable law.

21. Contact us

Privacy enquiries, requests, and complaints can be sent to admin@treados.net.