Privacy Policy & Notice

This Privacy Policy affects your legal rights and obligations, so we recommend that you read it carefully.

General

FuelPic Ltd. (the "Company," “we,” or “our”) respects your privacy.

The Company develops, markets and sells a cloud-based fleet card management and issuance platform enabling fuel retailers to create new value propositions, reduce fraud, and seamlessly expand their offerings.

This Privacy Policy describes how we collect your personal information, process and hold it, if and when you visit our website (www.ReinsGlobal.com) (the “Site”), use our services available through our web platform (the “Web Platform”) or our mobile application (the "App"), or if you provide us with personal data through any other means.

Our registered office is located at 6 Gruniman St., Tel Aviv, Israel.

Wherever in this Privacy Policy we refer to the "data subject,” or “you” or “your,” the reference is to any user who uses the Site and/or the Web Platform and/or the App, and to whom the personal data pertains.

The term "personal data" for purposes hereof means any information relating to an identified or identifiable natural person (may also be referred to as a "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Your personal data, which will be collected for use on the Site and/or the Web Platform and/or the App, as applicable, will be stored on the Company’s and/or its customers’ databases, as applicable, and the Company will be entitled to use it in accordance with the conditions set forth in this Privacy Policy and/or in accordance with the privacy policies of the applicable customers, as applicable.

With respect to personal data processed in connection with the Site, we act as the controller of such personal data, and with respect to personal data processed in connection with our Web Platform and/or our App, we act as a data processor and/or a data sub-processor and/or a holder thereof on behalf of our customers (or their customers), as applicable.

When using our Web Platform and/or App, our customers (or their customers, as applicable) are the data controllers of personal data processed therein, or as the data sub-processors thereof (if our customers are the data processors on behalf of their customers), as applicable.

For purposes hereof, a "controller" means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. And a "processor" means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller. Finally, the term "processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Reporting a cyber event

To contact the reporting center for cyber events and information security incidents or weaknesses related to the Company please send an e-mail to: contact@ReinsGlobal.com. This address is intended for information security reports only. No other matters will be answered.

Upon learning of a cyber event or an information security incident, or suspecting one of these, we will investigate the reported case and if it is indeed a valid report, we will act in accordance with our privacy policy below and in accordance with the company’s internal procedures.

Exercising your privacy rights

In any case where you would like to exercise your rights in relation to personal data, you are welcome to contact the Company and we will handle your request.

Please contact us at contact@ReinsGlobal.com.

In relation to the European Privacy Protection Laws (GDPR) only, the Company’s Privacy Protection Officer (DPO) can be contacted by e-mail at contact@ReinsGlobal.com for any question regarding the operations of processing your personal data.

Free, Informed Consent

By using our Site and/or the Web Platform and/or the App for any purpose (including for the purpose of registering to newsletter, using the services and content offered therein, the purchase of various services offered on the Site and/or the Web Platform and/or the App), you declare that you have read and understood this Privacy Policy and that you agree to all the terms and conditions set forth herein, and you give your informed consent to all the uses that the Company performs or may perform with your personal data on the Site and/or on the Web Platform and/or the App, as the case may be (including its transfer to third parties for the purposes specified in this Privacy Policy) and/or information that will be collected about your use of these, either directly by the Company or through anyone on its behalf.

Personal data that we collect

When you browse our Site, subscribe to our newsletter, log in to our Web Platform, and/or App (with or without a username and password), or otherwise use one of our web services, we may collect, process or store your personal data including, but not limited to, your name, telephone number, mobile phone number, physical address, email address, company name, Internet (“IP”) address, your access device details and your browsing history.

When you use our Web Platform and/or App, personal information may also include account and authentication data (such as username and password, if relevant), identifiers assigned by our customers, vehicle and fleet-related data (including car license plates information), government-issued identifiers (such as national ID number, driver identifier, or similar identifier) where configured by our customers, location data (including precise geolocation where enabled and applicable), and other technical and usage data associated with these services.

When permitted by our customer and applicable law, and depending on configuration of the Services, transaction-related information may be processed in connection with fuel and/or energy purchases (for example, transaction timestamps, location of purchase, vehicle identifier, order number, service details, and government ID number where required for billing, fraud prevention, or compliance purposes). Payment card information is typically processed by payment processors acting on behalf of our customers or merchants of record. To the extent the Company processes payment-related personal information, it does so in accordance with applicable payment security standards and only as necessary to provide the Services.

Please note that if and where we process government-issued identifiers and/or precise geolocation data, we seek to (a) limit collection to what is necessary for the relevant purpose; (b) limit access to personnel and service providers with a need to know; and (c) retain such data only for as long as necessary for the purposes described in this Privacy Policy, subject to legal and contractual requirements.

If and when you purchase services or products from third parties who are our business partners, we will receive the details of the transactions you will make with them. These details include, among others, the transaction dates, a description of the product or service purchased by you, its price, and more.

Notwithstanding the above, please note that personal data does not include information that has become irreversibly anonymous data in a way that does not allow anyone to identify you, either independently or in combination with other information, or in some other way.

All information you provide us must be true, complete and accurate. If you provide us with inaccurate or false information, and we detect signs of this default, we reserve the right not to complete the service and to report the same as required by applicable laws.

Please remember that you do not need to provide us with personal data in order to browse our Site. However, we may still automatically collect certain information as described below. When you contact us by email we may keep a record of the correspondence and we may also record any telephone conversations we have with you.

Personal information we collect automatically

When you visit our Site and/or Web Platform and/or the App, we, or third parties on our behalf, automatically collect and store information about your device and your activities. This information may include (a) information about your computer and/or device, as applicable, or a unique identifier number of another device you use; (b) technical information about the internet browser or operating system you are using; (c) your preferences and settings, such as region, time and language; and (d) statistics about your browsing activities and patterns. We use basic analytics to understand usage trends and improve the Services.

We collect this information through cookie files in accordance with our “Cookie Policy” described below and we use this information to improve our Site and/or the Web Platform and/or App and the experience of using it, the services we provide and for analytical and research purposes for improving the services we provide to you.

Marketing communications

We use your personal data for our legitimate interests such as sending you marketing communications, which may include newsletters, blog posts, surveys and information about new products and services.

You can choose not to receive further marketing communications by contacting us at contact@ReinsGlobal.com or by clicking cancel subscription or “unsubscribe” from marketing e-mails.

If you do unsubscribe from marketing communications, it may take up to five (5) business days for your new preferences to take effect. Therefore, we will keep your personal information in our records for marketing purposes until you inform us that you no longer wish to receive marketing emails from us.

Why we process personal information

We will use your personal data to comply with our contractual obligations, to provide you with the products or services you have purchased, if necessary, including to contact you regarding the provision of the products or services and to address any request, question, comment or complaint you may have in relation to these, if any.

If you have been referred to our Web Platform and/or App for the purpose of using our services, we will process your personal data to complete any purchase of energy and bill such payment or other related services.

Our Web Platform and/or App may use algorithms and other analytical tools to process your personal data as required to complete your purchases, including the prevention or reduction of any risk fraud and/or misuse. These algorithms have been developed professionally and their validity has been verified and validated from time to time.

We may also use your personal data for our legitimate interests, including providing customer service that you may require, enforcing the terms of any other agreement between us, for regulatory and legal purposes (including billing, fraud prevention, and compliance), for auditing purposes and to contact you regarding this Privacy Policy, if necessary. Where processing involves government-issued identifiers and/or precise geolocation, we apply additional controls appropriate to the nature of the data and the requirements of applicable law.

Sharing personal data

We will never sell any personal data, including your personal data.

We will share your personal data with third parties only in accordance with this Privacy Policy.

We may share your personal data with our customers, if we have collected the personal information on their behalf or process it in order to provide the Services through the Web Platform and/or App. Specifically, if you are a customer or end user of our customers, we may share your personal data and any transaction information (which may include government-issued identifiers and location/transaction details, as configured) concerning your purchases through our Web Platform and/or the App with our customers, as needed to provide the Services, for billing, fraud prevention, customer support, and compliance purposes.

We may share your personal data with our employees, service providers, subcontractors and agents whom we use to perform functions on our behalf and in accordance with our guidelines, including basic analytics providers, email communication providers, hosting and information technology service providers, security and fraud-prevention providers, accountants and lawyers. We may also disclose personal data where required by applicable law or regulation, to respond to lawful requests, to enforce our agreements, or to protect the rights, property or safety of the Company, our customers, users, or others. Where required by applicable law, we will enter into appropriate written agreements with service providers and impose appropriate contractual restrictions on their use of personal data.

We may also share your personal data in connection with the negotiation of any merger, sale of assets, consolidation or reorganization, financing or acquisition of all or part of our business by a third party or into another company.

Transfer of personal information outside the territory

We may share personal data about you with our employees, consultants and external service providers outside of your country, but only to perform the services for which you provided your personal data.

Where personal information is transferred to countries that may not provide an equivalent level of protection, we implement appropriate safeguards, such as contractual protections (including standard contractual clauses) and, where required, additional technical and organizational measures, and we conduct and document transfer risk assessments where required by law. This is particularly relevant where transfers involve data that may be considered sensitive under applicable laws (such as government-issued identifiers and precise geolocation).

Personal data about EU residents may be transferred outside the European Economic Area (that is, to countries that are not members of the European Union and that are not Iceland, Liechtenstein and Norway) and to international organizations.

In such cases:

• The information will be transferred to a country or an international organization for which a valid decision of the Council of the European Union has been made regarding the adequacy of the protection of the transferred personal data to that country or such organization (in accordance with regulation 45 of the GDPR); and/or
• Transfer of personal data relying on binding and valid agreements between public entities and authorities (in accordance with regulation 46.2(a) of the GDPR); and/or
• Transfer of information in accordance with the contractual instructions approved by the Council of the European Union and which impose on the recipients of the information a contractual obligation to protect the information at the level accepted in the European Economic Area (in accordance with regulation 46.2(c) of the GDPR) and while implementing additional protective measures as required by European law.

Notices and updates

Our Site and/or Web Platform and/or App may send new registered users a welcome email to verify a password and username.

After registering on our Site and/or Web Platform and/or App and providing consent to receive marketing emails, we may send you information about other services or products that we believe may be of interest to you, on a regular basis via email. We give you the option to unsubscribe or opt-out of receiving these types of communications.

We may also send you notifications regarding updates to our Site and/or Web Platform and/or App and services only if you have provided consent to receive updates about our opportunities, services and products.

We may also communicate with you to provide the requested services or in relation to matters related to your account by email or telephone.

Data Security

We will take steps to ensure an appropriate level of security for your personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures.

All information you provide to us is stored on our secure servers. All payment transactions are encrypted using SSL technology. You are responsible for maintaining the confidentiality of the password you have created or which has been provided to you.

Notwithstanding the foregoing, you acknowledge that no software is completely (i.e., 100%) secure. Therefore, although we take these steps to protect your personal data, we cannot guarantee that it will always remain completely secure.

Links

Our Site and/or Web Platform and/or App may contain links to other websites. If you choose to use these links to leave the Site and/or our Web Platform and/or App, you should know that we have no control over the other websites and/or the information contained therein. Therefore, we cannot be responsible for the protection and privacy of any information you provide when visiting these websites, and these websites are not subject to this Privacy Policy. You should exercise caution and review the privacy policies applicable to those websites.

Data Storage

If you register with us, we will keep your personal data until you close your account with us or until we no longer need it for the purposes it was provided to us.

If you receive marketing communications from us, we will retain your personal data until you opt out of receiving such communications.

If you have otherwise used our services or contacted us with a question or comment, we will retain your personal data for at least 6 months after the completion of the service to respond to further queries you may have.

Remember that you can always request that we suspend or remove your personal data at any time, subject to applicable law and our legitimate interests (for example, security, fraud prevention, and compliance). Where we process personal data on behalf of one of our customers (for example, your employer, a fleet operator, or a fuel retailer), we may need to refer your request to the relevant customer (the controller/database owner) and assist them as required by law and our contractual commitments.

General

If a competent court determines that any provision of this Privacy Policy is invalid or unenforceable, then such provision shall be interpreted, to the extent possible, to reflect the intent of the parties and all other provisions shall remain in full force and effect.

The Site and/or the Web Platform and/or the App as well as the services provided through them are intended for use by persons over the age of 18.

If we become aware that we have collected personal data from a person under the age of 16, we will take steps to delete the information as soon as possible.

Please contact us immediately by emailing contact@ReinsGlobal.com if you become aware that a person under the age of 16 has provided us with personal data.

Unless otherwise explicitly stated, this Privacy Policy shall be subject to and interpreted in accordance with the laws of the State of Israel and you consent to the exclusive jurisdiction of the Israeli courts.

As far as it refers to foreign privacy laws, including the GDPR, the laws of the applicable state where the user is located will apply.

We may change the terms of this Privacy Policy from time to time. You are responsible for regularly reviewing this policy in order to be aware of any changes to it, if and when they occur.

If you continue to use our Site and/or our Web Platform and/or the App after the changes take effect, it means that you agree to such changes.

“Cookies policy”

A cookie file is a small text file containing a unique identification number that is transferred (via the browser) from a website to the computer’s hard drive. The cookie identifies your browser but does not provide the website with information about you, such as your name and/or address. These files are used by websites to recognize when users revisit that website. Our Site and/or Web Platform and/or App use cookies so that we can recognize you when you return and customize your settings and preferences. Most browsers are initially configured to accept cookies. You can change your browser settings so that it notifies you when you have received a cookie, or refuse to receive cookies. Please note that our Site and/or Web Platform and/or App services may not function effectively if you refuse to accept cookies.

We may use third-party cookies and similar technologies (such as Google Analytics) for basic analytics purposes, subject to your choices and applicable law. Where required (for example, in the EEA/UK), we will obtain your consent before placing non-essential cookies and similar technologies on your device. You can manage your cookie preferences through our cookie banner/consent tool (where available) and through your browser settings.

We use cookies to limit certain types of cyber-attacks. We also use cookies during audits and fraud investigations. Some of our cookie/device tracking occurs through third-party vendors, and other times we use our own indexes to identify activity related to specific cookies.

Session cookies are temporary cookies that remain in your browser’s cookie file until you leave our Site.

Persistent cookies, on the other hand, generally remain in your browser’s cookie file for longer periods, depending on the lifetime of the particular cookie.

When we use session cookies to track the total number of visitors to our Site, Web Platform or App, for example, this is done on an anonymous aggregate basis.

We also use Google Analytics to track how the Site and/or the Web Platform and/or App are used. Google Analytics collects information anonymously and produces reports detailing information such as the number of visits to the Site and/or the Web Platform and/or App, where the visitors usually came from, how long they stayed and which pages they visited. Google Analytics places a number of persistent cookies on your computer’s hard drive. These do not collect personal data.

If you do not agree to this use, you can disable persistent cookies in your browser. This will prevent Google Analytics from recording your visits.

Legal basis for processing personal data of residents of the European Economic Area and the GDPR

If you reside in the European Economic Area (EEA), the processing of your personal data is subject to the provisions of the General Data Protection Regulations (EU) 2016/679 (“GDPR”).

Therefore, whenever we need your consent to process your personal data, such processing will be justified in accordance with Article 6(1) (a) of the GDPR.

If the processing of your personal data is necessary to perform a contract between you or to take pre-contractual steps at your request, such processing will be based on Article 6(1) (b) of the GDPR.

When the processing is necessary for us to comply with a legal obligation, we will process your information on the basis of Article 6(1)(c) of the GDPR.

Where the processing is necessary for the purposes of our legitimate interests, such processing will be done in accordance with Article 6(1)(f) of the GDPR. Where required under the GDPR (for example, for precise geolocation data and certain identifiers, depending on context), we and/or our customers will rely on explicit consent or another appropriate legal ground and implement additional safeguards.

Your rights under applicable privacy laws (including Israel privacy laws, the GDPR, the US state privacy laws where applicable, and Australia’s Privacy Act)

Depending on your location and subject to applicable law, you may have rights to request access to and a copy of personal information we hold about you, to request correction, and to request restriction of processing or object to processing (including to direct marketing). Where applicable law treats certain data as "sensitive" (for example, government-issued identifiers and precise geolocation), you may have additional rights and we will apply additional protections required by law.

You also have the right to demand that we delete your personal data or that we transfer it to a third party (i.e., the right to data portability).

In addition, you may, at any time, revoke your consent to the use of your personal data when the Company uses it based on your consent, from the moment of the cancellation onwards, without detracting from the legality of the use of the personal data about you prior to the cancellation of the consent.

To exercise these rights, or any other rights you may have under applicable law, please contact us at contact@ReinsGlobal.com. To the extent that you have a complaint regarding your personal information and/or this policy, you may contact the Company’s Privacy Protection Officer (DPO), with the details listed above.

However, please note that we reserve the right to charge handling fees if your request is clearly unreasonable or excessive.

In addition, these rights of correction, restriction, access, portability and deletion are subject to certain limitations, as provided by applicable laws.

Individual requests will be completed as soon as possible after their receipt and in any case within thirty (30) days of confirmation of their receipt.

To the extent that you are not satisfied with the handling of your complaint and you are subject to European Union laws, you may submit a complaint to the data protection authorities in the European Union, mainly to the data protection authority located at your place of residence, at your place of work, or at the place where the violation of your rights occurred in relation to your personal information by virtue of European privacy protection laws.

A list of Supervisory authorities is available at the following address: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.

The Company will provide a response regarding your request to exercise any of your rights mentioned in this section without delay and in any case within the timeframes required by applicable law. The time period may be extended where this is required, considering the complexity and number of requests; the Company will inform you of any such extension within the timeframe required by applicable law along with the reasons for it.

If you need further assistance regarding your rights, please contact us using the contact information provided above and we will consider your request in accordance with applicable law.

In some cases our ability to enforce these rights for you may depend on our obligations to process personal data for reasons of security, safety, fraud prevention, compliance with regulatory or legal requirements, or because processing is necessary to provide the services you have requested. In this case, we will inform you of specific details in response to your request.

For more information about the GDPR please go to: https://eugdpr.org/ — https://gdpr.algolia.com/.

Transfer of Personal Data Outside the European Union

We may share personal data with our employees, consultants and external service providers outside your country, but only to perform the services for which you have provided your personal data, even to countries that may not offer the same level of protection as that offered in your country of residence for your personal data. However, where required by applicable law, we will obtain your explicit consent before we use your personal data for any purpose other than performing the services for which you provided it, and we will implement appropriate transfer safeguards as described above.

For users in the European Union and Switzerland only — transfer of your information outside the European Economic Area

As part of the services offered to you through this Site and/or this Web Platform and/or the App, as applicable, personal data that you provide to us may be transferred to countries outside the European Economic Area (EEA) and Switzerland.

This can happen if one of our servers is located from time to time in a country outside the EEA or Switzerland (e.g. the United States).

These countries may or may not have laws that provide similar protection to that of the European Union or Switzerland for personal data. If they do not provide similar protection, we will enter into agreements adopted by the European Commission or adopt binding corporate rules that our affiliates and/or our consultants or service providers will adopt as binding policy.

If you use our services while you are outside the EEA or Switzerland, your personal data may be transferred outside the EEA or Switzerland to provide you with those services.