Privacy Policy

Orion – Privacy Statement

Welcome to Orion! We are Orion Security LSP LLC, also known as Orion Fleet Intelligence (“Orion”, “we”, “us” and “our”). Among other things, we combine in-vehicle technology that generates data with our data analysis, driver coaching, and ongoing monitoring to enable businesses to operate safer and higher performing fleets (the “Services”). 

We provide our Services directly to vehicle owners and operators as well as to the insurance industry.

Each person or entity who uses our Services, or whose data we gather, is referred to as a “user” or “you” or “your.” This Privacy Statement and our Terms of Service (“Terms”) apply to each user of our Services, as well as each person.

  • Privacy Overview

This document is our statement of our privacy practices (“Privacy Statement”). Among other things, it explains how we and some of the companies we work with collect, use, share and protect the information you provide to us (“your Content” or “User Content”). The User Content may include information that identifies an individual, directly or indirectly, such as a name or personal telephone number (collectively, “Personal Data” or “Personally-Identifiable Information”).

This Privacy Statement also discusses your choices about the collection, storage and use of your Personal Data. 

Any Content we gather that is not Personal Data is referred to as “Non-Personal Data.” Non-Personal Data may include information about how users use the Services, what Services the users select, all of which we aggregate into larger data sets that do not identify individuals (collectively, “Behavioral Data” which is a type of Non-Personal Data).

We also use the terms Controller and Processor.  In privacy law, a “Controller” is a person or company who decides how Personal Data will be processed, while a “Processor” is a person or company who actually does the work of processing the data. For most of Orion’s Services, Orion is a Processor of Personal Data, while the Controller of that Personal Data is another company, such as a fleet owner or business partner.

By using our Services, you consent to the collection, transfer, analysis, transformation, storage, disclosure and other uses of your Content, including your Personal Data, as described in this Privacy Statement.

Please note that privacy law and regulations may differ from one state to another in the United States and from one country to another. We expect privacy law and regulations to continue to develop and keep changing for the foreseeable future. Please check this Privacy Statement and our other privacy documents periodically to see whether or not they have changed so that you may better understand your privacy rights. 

  • Information We Collect

We may collect some Personal Data directly from the user. However, most of the Personal Data is collected by our business partners and customers, who are usually the Controllers of the Personal Data. We act as a Processor to process and report on the Personal Data. We also collect and process Non-Personal Data.

Our business partners and Orion collect many different types of information from you, both directly and indirectly.

Information you provide us directly

We may collect the following information from you.

  • Biometric Data. In this Privacy Statement, “Biometric Data” means any Personal Data about the unique characteristics of a person that are used to identify that person. Biometric Data includes personal identifiers such as facial images, retina or iris scans, fingerprints, voiceprints, and scans of hand or facial geometry. It does not matter how the Biometric Data is captured, converted, stored, or shared. Biometric Data does not include information that is not used to identify individuals. Currently, we process Biometric Data in the form of facial scans while a user is operating or is near a vehicle.
  • Profile information. Profile information includes your name, address and other profile information that you choose to make public or share with other users, as well as driver identification numbers and passenger identification numbers. 
  • Location Information. Location information is mostly the geographic location of an individual. Location information includes global positioning system (“GPS”) data (which often identifies the location of the person operating the vehicle), personal postal addresses, and location information embedded in or accompanying the User Content (e.g., in tags or captions). 
  • Communications between you and Orion.We may send you emails, SMS or text messages, and other electronic or telephonic communications for sales and delivery, notices of changes/updates to features of the Services, technical and security notices, to provide risk mitigation and other safety services inclusive of coaching, and for other reasons furthering the purpose of providing the Services. We may collect and store these communications. Please note that we do not have influence on the usage rates, terms of service, or policies other providers, such as your mobile / cellular phone carrier, that you elect to use to receive information from us. 

Information we gather from your use of our Services

We collect the following information from your use of our Services.

  • Emails. We may save private emails sent to us by users, and we may share your emails with any third parties or other users. 
  • SMS and Text Messages. We may save private SMS and text messages sent to us by users, and we may share your SMS and text messages with any third parties or other users. 
  • Telephone Conversations. We may record and save telephone conversations between us and users for training purposes and / or providing our Services. 
  • Social Media. In addition to media that we control, you may post comments, photographs, drawings and other User Content referring to Orion or its business partners on third party social media, such as YouTube, Facebook, Instagram and X (formerly known as Twitter), each of which enforces its own terms of use and privacy statement for its service. As noted in the Terms, we may use and copy the User Content you post. More to the point, your User Content may contain Personal Data about you and other people, including names, email addresses, and location information. You should also be aware that a photograph or drawing of a person may be Personal Data to the extent the person may be recognized in and identified by the photograph or drawing, and medical or other healthcare information may be gleaned from any medical conditions, disorders or diseases that are discussed or portrayed in the User Content. We may collect and use Non-Personal Data contained in the User Content to market our Services.
  • Analytics.We may create analytics using your Content and other User Content for insights and actionable information about drivers and passengers, and how they interact with vehicles, as well as data about other relevant persons. We may also use third-party data and analytics tools. Any analytics limited to one particular user we can identify will be treated as Personal Data, while any analytics information that cannot identify a particular individual will be treated as Non-Personal Data. 
  • Metadata. Metadata is usually technical data that is associated with other data, including User Content. For example, metadata can describe how, when and by whom an item of User Content was collected and how that User Content is formatted. Orion may collect and store metadata, including information about how users interact with the Services. 
  • Customer Support Services. In the course of providing our Services, our customer support services may collect information from you and / or your devices. 
  • User Provided Information. Our technologies, applications, and personnel may obtain personal and non-personal information when you download, register, or otherwise use our technologies or applications or interact with any of our personnel as they render Services. When you register with us and use our technologies or applications, you may be asked to: (a) provide information such as your name, email address, age, user name, password and other registration information; (b) furnish transaction-related information, respond to any offers, or download or use applications from us; (c) offer information to enable us to assist you when you contact us for help; (d) provide credit card information for purchase and use of applications, technologies, and / or Services, (e) enter information into our system to use application, technologies, or receive Services, such as contact information and project management information. We may also use the information you provide us to contact your from time to time to provide you with important information, required notices and marketing promotions. 
  • Log Data. Our Services include automatically recording information (“log data”). We may be the Controller or Processor of log data gathered by electronic logging devices (“ELDs”) or other devices installed in or operated from your vehicle(s), including smart phone mobile applications. We may also be the Controller or Processor of log data every time that software on your ELD, smart phone, computer, or other device contacts our computer servers or the computer servers of our business partners. The computer servers may capture information such as your Internet Protocol (“IP”) address, browser type, operating system, the referring web page, pages visited, location, your mobile carrier, mobile operating system, device and application IDs, search terms, and cookie information. We and our business partners receive log data when you interact with our Services, for example, when you visit our website, sign into our Services or interact with our email or text notifications. Orion uses log data to review how we and our business partners provide our Services and to measure, customize, and improve the Services. 
  • How We Store Your Information

We currently provide the Services from within the United States, and we store all User Content, including Personal Data, that we currently collect and retain on servers inside the United States. 

Most of the data we analyze are obtained from fleet owners, insurance companies and other third parties, who provide us with the data. We then store the Personal Data and Non-Personal Data we process on servers we own or lease from third parties.

By using our Services, or by submitting your personal information to us, you consent to the collection, storage, processing and onward transfer of your personal information as stated in the current version of this Privacy Statement and the current version of our other online documents, including the Terms of Service.

  • How We Use Your Information

We share and use your Personal Data in the following circumstances:

  • Use of Your Biometric Data. We may receive, use and share your Biometric Data with our business partners in order to provide the Services. In most cases, we are the Processor, not the Controller, of Biometric Data as the Biometric Data has been collected by our business partners. However, we will not share your Biometric Data with anyone else except as authorized by the Controller of your Biometric Data. If we are the Controller of your Biometric Data, we will not share your Biometric Data unless:
    • You or your legally authorized representative consents to such disclosure or redisclosure;
    • the disclosure or redisclosure completes a transaction requested or authorized by you or your legally authorized representative;
    • the disclosure or redisclosure is required by law.
  • To provide and maintain the Services, including to monitor the usage of our Services. This use includes Biometric Data which we may use to, for example, identify and authenticate individual users of the Services.
  • To manage Your Account, including to manage your registration as a user of the Services. The Personal Data you provide can give you access to different functionalities of the Services that are available to you as a registered user. This use may include Biometric Data to identify you when you interact with the Services. 
  • Opt-in with Your Consent. We may ask for your permission to share your Personal Data with other people and organizations outside of Orion, including to provide you with Services. As with any opt-in procedure, you are under no duty to agree to a request that you opt-in.
  • Partners and Affiliates of Orion. We may share your Personal Data with partners and affiliates to sell and provide the Services.
  • Cookies. Cookies are unique identifiers that we transfer to your device to enable our systems to recognize your device and to provide features and remember your personalization choices. We use cookies to make it easier to access and use our Services. The help feature on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Additionally, you can disable or delete similar data used by browser add-ons, by changing the add-on’s settings or visiting the website of its manufacturer. Because cookies allow you to take advantage of some of the Services’ essential features, we recommend that you leave them turned on. Cookies are also used to display particular Content and to set session identifiers for visitors who voluntarily join user areas. 
  • Do Not Track. We honor requests to opt-out; however, the specific “Do Not Track” setting in browsers has been found to enable the fingerprinting of user devices, and companies have generally moved away from this standard. Therefore, we do not honor the “Do Not Track” setting on users’ devices. 
  • Opt-out Email, Text, or Postal Address. If you supply us with your postal, phone number, or email address you may receive periodic mailings from us with information on new products and services or upcoming events. If you do not want to receive such mailings, please let us know by sending an email to us at the “opt-out” address, below. We will remove your name from the list we use internally. Opting-out of these emails does not mean we remove your email from our system entirely, because we still retain your email addresses and postal addresses for other purposes, including those required to provide our Services.
  • Required by Law. We may access, preserve and share your Personal Data in response to a legal request (like a search warrant, court order or subpoena). We may also access, preserve and share Personal Data when we have a good faith belief it is necessary to: help to ensure security and integrity generally to the extent that your Personal Data is reasonably necessary and proportionate for those purposes; detect, prevent and address fraud and other illegal activity; to protect ourselves, you and others, including as part of investigations; and to prevent death or imminent bodily harm. Information we receive about you may be accessed, processed and retained for an extended period of time when it is the subject of a legal request or obligation, governmental investigation, or investigations concerning possible violations of our terms or policies, or otherwise to prevent harm.
  • Change of Control. If we sell or otherwise transfer part or the whole of Orion or our assets to another organization (e.g., a merger, acquisition, or reorganization), your Personal Data, User Content and any other information collected or processed through the Services may be among the items sold or transferred. 
  • Non-Personal Data. We may share Non-Personal Data publicly and with business partners, publishers, researchers or connected sites. For example, we may share aggregated Non-Personal Data publicly to show trends about the general use of our Services. As noted above, Non-Personal Data includes aggregated or collective information about multiple users that does not reflect or reference an individually-identifiable user.
  • Other. In addition to some of the specific uses of information we describe in this Privacy Statement above, we may use Personal Data that we receive to:
  • help you efficiently access your information after you sign in.
  • remember information so you will not have to re-enter it during your visit or the next time you visit the Services.
  • provide personalized Content and information to you and others, which, in the future, could include online ads or other forms of marketing.
  • provide, improve, test, and monitor the effectiveness of our Services.
  • develop and test new products and features.
  • monitor metrics such as total number of visitors, traffic, and demographic patterns.
  • diagnose or fix technology problems.
  • Data Retention

We will retain user information, including Personal Data, as long as we believe that there is a legitimate business reason to do so.

Orion may elect to delete Biometric Data as follows: 

  • When the initial purpose for collecting or obtaining such identifiers or information has been satisfied (for example, you have completed an authentication process when using the Services).
  • 5 years after your last interaction with Orion.
  • If there is any threatened or actual litigation, arbitration, regulatory or other legal action that involves or relates to your Biometric Data, and the Biometric Data is held by us or our business partners during the pendency of the action, then we may delete that Biometric Data no more than five years after the conclusion or termination of the legal action.
  • When you ask us to delete your Biometric Information, if we no longer need it for any other purpose.
  • Security of Your Personal Data

The security of your Personal Data (including your Biometric Data) is important to us, but no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

When we or our business partners store, transmit, or protect your Biometric Data or other Personal Data:

  • We use no less than a reasonable and industry-standard level of care; and
  • We use measures that offer the same or greater level of protection as that which we use to protect other confidential and sensitive information (personal information that can be used to uniquely identify an individual or an individual’s account or property) from disclosure.
  • Your Right to Review, Request Changes, and Disclose Personal Data 

Where required by applicable laws and regulations, each user may inspect and receive a copy of his or her Personal Data as stored in the Services. In rare circumstances, we may deny a request, and we may provide you with an explanation. If we deny your request, you may request a review by another professional, who will be chosen by Orion, and we will comply with the outcome of the review.

Subject to applicable laws and regulations, the Personal Data you provide to us remains completely under your control. If you believe the Personal Data we have is incorrect or incomplete, you may in writing request an amendment to your Personal Data. We will approve or deny each request, and notify you of our decision. If approved, we will amend the Personal Data. We will also make a reasonable effort to notify people to whom the Personal Data was released. In the case of a denial, we will provide the reason for the denial and instructions on how to appeal.

Any information or User Content that you voluntarily disclose for use of the Services, such as your user name, your Personal Data, your Biometric Data, or other User Content, may become available to the public if you release it to other users or to the general public. If you have shared your Personal Data, Biometric Data, or your User Content with other people, or otherwise made it public, that Personal Data and your User Content may be re-shared by others.

  • Changes to this Privacy Statement

We may modify our Privacy Statement from time to time as posted to our website.  If you choose not to be subject to a revised version of this Privacy Statement, then you may terminate your use of our Services. 

  • Different Locations, Different Laws

The laws and regulations that address privacy rights and responsibilities (collectively, “Laws”) are different from one jurisdiction to another. Indeed, some of the Laws may or may not apply to you or another user depending on different factors, including:

  • Location or residence of the user.
  • Location or residence of the individual that is the subject of the Personal Data (“Data Subject”).
  • Location or residence of the person or organization that employs or contracts with the Data Subject.
  • Location of each server or other machine where the Personal Data is received, stored, processed or forwarded to.
  • Location of the relevant office of Orion or any business partner or other company that processes Personal Data.

Several of the laws that concern users and Orion are discussed in this Section, but these are not all of the laws that may apply. In addition, if there is any conflict or ambiguity between the statements made in this Privacy Statement and an applicable law, then the law will control.

  • Consent to United States Law

All Personal Data and other data provided by users will be stored in the United States under United States law.  Accordingly, United States law will apply to all users.  All users consent to the application of the law of the United States in connection with the Services.

  • United States Federal and State Laws

Several of the federal Laws in the United States may apply to the Personal Data collected by us. Congress has passed several federal information privacy and security laws, while each state in the United States has passed and enforces information privacy and security laws that apply to data subjects, data, and businesses resident in that state. 

Currently, all Personal Data of Orion users, as well as Personal Data processed by Orion for others, is stored on servers and other machines physically located within the United States. From time to time, Personal Data may be moved between servers in the same location or may be moved to a different location. 

  • Children’s Online Privacy Protection Act (“COPPA”)

Currently, COPPA should not apply to the Services. Each user must be 18 years of age or older. As noted in this Privacy Statement, if we learn any user is under the age of 18 (“Minor User”), or if any parent or guardian contacts us, we will delete all information provided by the individual from our Services.  Moreover, users of the Services are responsible and liable for compliance under COPPA and are prohibited from collecting, using, and/or disclosing personal information from and about children in connection with the use of the Services, or assisting any third party in doing so.   

If you are the parent or guardian of a Minor User, and you become aware that your Minor User has provided us with Personal Data or User Content, please contact us immediately at info@orionfi.com.

  • Your Privacy Rights Under State Laws

This section supplements the information contained elsewhere in our Privacy Statement and applies to all visitors, users, and others (“consumers” or “you”). This notice of privacy rights has been adopted in order to comply with United States state and federal laws, and any terms defined in such laws have the same meaning when used in this notice.

California residents: Please see our document titled Your California Privacy Rights for additional rights which may apply to you.

  • Specific Rights Under State Laws

Under several state privacy and data protection laws (for example, California, Colorado, Connecticut, Utah, and Virginia), residents of those states may have one or more of the following rights and may exercise these rights free of charge. Since these state laws are generally modeled on the General Data Protection Regulation (GDPR), the following list mirrors the GDPR section below:

  • Right to lawfulness, fairness and transparency. Requires that we follow these principles when processing your personal information
  • Right to Access. Access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address
  • Right to Rectification. Require us to correct any mistakes in your information which we hold
  • Right to Be Forgotten: Require the erasure of personal information concerning you in certain situations
  • Right to Data Portability: Receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
  • Right to Object to Direct Marketing: Object at any time to processing of personal information concerning you for direct marketing
  • Right to Object to Automated Individual Decision Making: Object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
  • Right to Restriction of Processing:
    • Object in certain other situations to our continued processing of your personal information
    • Otherwise restrict our processing of your personal information in certain circumstances

You may also have the right to claim compensation for damages caused by our breach of any data protection laws.

  • Rights Regarding Sensitive Data

Under some state laws, you may have the right to opt-out of our processing Sensitive Personal Data, or the right to prevent our processing your Sensitive Personal Data without your affirmative consent. “Sensitive Personal Data” is defined differently by each state, but generally includes Personal Data relating to one or more of the following categories:

  • Social security, driver’s license, state identification card, or passport number.
  • Account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account.
  • Precise geolocation.
  • Racial or ethnic origin, religious or philosophical beliefs, or union membership.
  • Genetic data.
  • Biometric and health information.
  • Information regarding a consumer’s sex life or sexual orientation.
  • Citizenship or immigration status
  • Personal Data regarding a known Minor User.
  • Your Rights under the GDPR and UKDPA

If you are covered by the GDPR or by the United Kingdom Data Protection Act 2018 (“UKDPA”), you may have a number of important rights. In summary, those include:

  • Right to lawfulness, fairness and transparency. Requires that we follow these principles when processing your personal information
  • Right to Access. Access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address
  • Right to Rectification. Require us to correct any mistakes in your information which we hold
  • Right to Be Forgotten: Require the erasure of personal information concerning you in certain situations
  • Right to Data Portability: Receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
  • Right to Object to Direct Marketing: Object at any time to processing of personal information concerning you for direct marketing
  • Right to Object to Automated Individual Decision Making: Object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
  • Right to Restriction of Processing:
    • Object in certain other situations to our continued processing of your personal information
    • Otherwise restrict our processing of your personal information in certain circumstances

You may also have the right to claim compensation for damages caused by our breach of any data protection laws.

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation, available at: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.

If you would like to exercise any of those rights, please:

  • Email, call, or write to us
  • Provide us enough information to identify you, including your: account number, user name, registration details, and order number
  • Provide us proof of your identity and address (a copy of your driver’s license or passport and a recent utility or credit card bill)
  • Provide us with the information to which your request relates including any account or reference numbers, if you have them

If you make requests which are manifestly unfounded or excessive, we may charge a reasonable fee based on administrative costs, or we may refuse to act on the request.

The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in the European Union (or European Economic Area) state where you work, normally live, or where any alleged infringement of data protection laws occurred. The EU maintains a website which you may use to locate your supervisory authority, at https://edpb.europa.eu/about-edpb/about-edpb/members_en.

  • Use and Transfer of Your Information Out of the EEA

The Services are operated in the United States and third parties with whom we might share your personal information as explained above are located in the United States. If you are located in the European Economic Area (“EEA”) or elsewhere outside of the United States, please be aware that any information you provide will be transferred to the United States. By using the Services, participating in any of its services or providing your information, you consent to this transfer.

The United States and many other countries do not have the same data protection laws as the United Kingdom and EEA. While the European Commission has not given a formal decision that such countries provide an adequate level of data protection similar to those which apply in the United Kingdom and EEA, if you live in the EEA or the United Kingdom, any transfer of your personal information will be subject to the derogation in Article 49 permitting non-repetitive transfers that concern only a limited number of data subjects, as permitted by Article 49 of the GDPR that is designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your Personal Data.

If you would like further information, see “Contact Us” below.  

  • Use of Email Addresses and Other Contact Information

We collect the email addresses of those who voluntarily provide them to us. You may receive subscription, editorial and other messages from the Services or from us. If you do not want to receive email or other communication from us in the future, please let us know at info@orionfi.com.  Please note that there may be ramifications to discontinuing communications from us, including those described elsewhere in this document. 

  • How to Exercise Your Rights

If you would like to exercise any of your rights as described in this Privacy Statement, please:

  • Complete a data subject request form available on our website
  • Call us toll-free at 888.908.6691 and ask for the Legal Department
  • Email us at info@orionfi.com 
  • Write to us at Attn: Privacy, Orion Fleet Intelligence, 101 East 8th Avenue, Suite 300, Conshohocken, PA 19428, USA
  • Services Impact on Risk Mitigation, Insurance, and Employment Status

Oftentimes, Orion’s Services has risk and insurance implications.  For example, and insurance carrier may agree to provide coverage and / or provide coverage at a lower price based upon your use of Orion’s services.  Therefore, opting out of certain portions of the Services or otherwise discontinuing the use of the Services may have ramifications for you.  Orion is not a licensed insurance agent or broker, nor is it an insurance carrier.  Therefore, we strongly encourage you to contact your insurance agent, insurance broker, and / or insurance carrier, as applicable, to properly understand the potential ramifications of reducing any elements of the Services.  

Equally, if you are an individual user and you participate in the Services in conjunction with your performing your employment duties at an Orion client, we strongly encourage you to speak with your employer to fully understand the potential ramifications of any reduction(s) to the Services you receive from Orion. 

  • Verifying Your Identity

If you choose to contact us directly, you will need to provide us with:

  • Enough information to identify you (e.g., your full name, address and customer or matter reference number);
  • A description of what right you want to exercise and the information to which your request relates.
  • Proof of your identity and address (e.g., a copy of your driving license or passport and a recent utility or credit card bill); and

We are not obligated to make a data access or data portability disclosure if we cannot verify that the person making the request is the person about whom we collected information, or is someone authorized to act on such person’s behalf.

Any Personal Data we collect from you to verify your identity in connection with your request will be used solely for the purposes of verification.

  • Contact Us

If you have questions or concerns about this Privacy Statement, please contact us online at info@orionfi.com, or by postal mail addressed to:

Attn: Legal, Orion Fleet Intelligence, 101 East 8th Avenue, Suite 300,  Conshohocken, PA 19428, USA.

  • Revision Date 

This Privacy Statement was last revised: November 12, 2023.

Skip to content