When you access the Services, you may provide GreenScreen three types of information, personal, non-personal and tracking and mobile data (together the "Covered Information"). Personal
"Personal information" is individually identifiable information about you, not otherwise available to the public, such as your name, address, phone number, and email address, that you willingly provide us in order to use or pay for our Services. You may provide us personal information when you visit the Website, register as a User, use certain features of our Website platform such as submitting or posting information, making or accepting bookings, and paying for Services you use, and when you request or use one of our other Services.
We collect personal information from Users only when they voluntarily provide it to us. We collect and process such data in order to provide Users access to our Website, tools, and applications and to our Services. We also do so in order to enhance our Website, Carrier App and our ability to provide efficient Services customized to meet your needs and those of other Users. We use personal information to facilitate providing general accounting, billing and administrative services to our Users, to monitor your use of our Services, such as the pages you view and things you click on or search for, and to expedite resolving User complaints and disputes, among other purposes permitted by law.
If you elect to provide us personal information, you consent to its transfer and storage on our servers. If you decline to provide us personal information, you may be prevented from participating in and using some or all our Services. We do not knowingly contact or collect personal information from Users under the age of 18. If you believe we have inadvertently collected such information, please contact us, and we will promptly obtain parental consent or remove the information. Non-Personal
You also may provide us non-personal identification information when you access our Services. You may, for example, provide us your browser's name and its characteristics and enable us to identify your internet service provider, your operating system and IP address, your method of connectivity to the Website, and other similar information. Tracking And Mobile Data
In order to perform its Services, when you use certain features of GreenScreen's Services, in particular our Carrier App, we may receive, collect, store, and process different types of information about your location and that of your assets (e.g. your trucks or your in-transit goods), including not only general information (e.g., IP address, zip code), but also more specific location-related information and truck diagnosis (e.g., GPS-based functionality on mobile devices used to access the Services or specific features of the Services, including tracking Users' motor carrier vehicles and shipments transported therein, as well as extracting diagnostic information from trucks and other tracked assets).
If you access the Services through a mobile device and you do not want your device to provide us with location-tracking information, you may disable the GPS or other location-tracking functions on your mobile device, provided your device allows you to do this. You expressly consent to the collection, use, processing, disclosure, and retention of all information described herein. If you do not want to provide us with this information, please see your device manufacturer's instructions for further details. Storing And Tracking
As explained above, we may track your precise location and that of your assets. You understand and agree that we and/or our agents or service providers may monitor your activities and locations as described above, including your use of the Services. Specifically, you consent to GreenScreen collecting and using the Covered Information about you and your assets to (i) administer the Services, (ii) electronically locate you or, if applicable, your assets in conjunction with providing you and your customers the Services, (iii) provide information to third-party service providers, wireless carriers, or other persons we engage for the purpose of providing the Services, or in response to a subpoena or other legal process, and (iv) use and share your information and statistics in conjunction with providing you Services. In addition, you consent to GreenScreen using Covered Information about you and your assets, including contact information and the types of Services that you use, to (i) enforce the terms of the Agreement, (ii) prevent fraud, (iii) respond to regulatory and legal requirements and government inquiries, or in litigation or dispute resolution, (iv) share information with GreenScreen affiliates in conjunction with the Services, (v) provide you with promotional offers and marketing materials, (vi) administer your account, including for credit and collections purposes, and (vii) disclose such information to your bank or to a third-party collection agency. We may retain your data indefinitely. Acknowledgment
YOU ACKNOWLEDGE AND AGREE YOU ARE RESPONSIBLE FOR (1) ADVISING YOUR CUSTOMERS, EMPLOYEES, AGENTS AND/OR AFFILIATES HOW GREENSCREEN MAY COLLECT, USE, AND DISCLOSE INFORMATION ABOUT THEM AND THEIR ASSETS AND (2) FOR OBTAINING WHATEVER CONSENTS AND WAIVERS FROM THIRD-PARTIES MAY BE NECESSARY IN ORDER FOR GREENSCREEN TO COLLECT, USE, AND DISCLOSE SUCH INFORMATION. Sharing Covered Information With GreenScreen's Trusted Partners And Vendors
GreenScreen may share your Covered Information with its trusted partners and/or vendors in order to provide you with Services and relevant advertising and offers. We also may allow trusted partners and/or vendors to collect data through our Services.
GreenScreen may share your personal information with other companies it engages, including its vendors and contractors, in order to provide you improved Services. Their use of this personal information is limited to these purposes and subject to agreements requiring them to keep the information confidential. GreenScreen's trusted partners and vendors provide assurances they take and will take reasonable steps to safeguard the data they hold on your behalf, although data security cannot be guaranteed.
Analytical companies we use or engage may access or allow us to access aggregated data to help GreenScreen better understand how its Services are used, thus enabling GreenScreen to expand and enhance its Services. These companies use the data solely on our behalf. They do not share data except in aggregated form. Sharing Covered Information With User's Clients, Partners, Contractors And Related Third Parties
GreenScreen may share your Covered Information with certain User's commercial partners (such as warehouses, pick-up and delivery locations, motor carriers and shippers, among others) to improve the User's experience or to enhance the quality and scope of its Services (e.g. allowing shippers to track their shipments; notifying consignees of arriving loads; allowing shipper and carrier Users to share their Covered Information with third-parties, etc.…). GreenScreen has no control over when and with whom Carriers, Shippers and/or their agents share their Covered Information, and, therefore, GreenScreen expressly disclaims any liability to you or any third party. Steps To Secure Covered Information: Our Disclaimer
GreenScreen takes reasonable steps to protect your personal information against unauthorized access or disclosure; however, you understand that privacy cannot be guaranteed on our system, or other systems such as those used in order to provide our Services, because no security or encryption method can be guaranteed to protect information. Accordingly, GreenScreen expressly disclaims liability to you or any third-party for any claims, loss, damages, or costs resulting from a lack of privacy.
In addition, we use GreenScreen uses the following tools to backup, secure and authenticate data. Backup Policy
GreenScreen uses Amazon RDS to manage PostgreSQL database, which is used for our services. Amazon RDS provides the infrastructure to maintain and backup databases on a regular basis. Backups are created on a daily basis. Also, Amazon RDS provides "hot standby" replicas for the database to reduce possible downtimes if something happens with the main database instance. SLA for the database, in that case, is 99.95: https://aws.amazon.com/ru/rds/sla/ Encryption of Data
GreenScreen uses Amazon RDS as a database management system: https://aws.amazon.com/ru/rds/features/security/
. We encrypt our data storage using Amazon RDS tools such that all data transferred between our services, as well as between us and our customers, is encrypted by SSL/TLS. Access for the data on production granted to only authorized users. Authentication
GreenScreen uses Keycloak as an identity and access management system (authentication and authorization): https://www.keycloak.org/
. Our instance of Keycloak is running in our infrastructure in Amazon AWS. Passwords are always automatically and transparently encrypted during the network by using the AES. Auditing and logging
We maintaining central logging storage, based on https://www.elastic.co/what-is/elk-stack
. This also running in our Amazon infrastructure. All meaningful events are logged and regularly and are stored for 5 years. Monitoring and Alerting
Provider regularly monitors systems status and uptime. Also, we monitor all our APIs as well as APIs we use: we're calculating responses time and HTTP codes for all those responses (to see if everything is alright). If something goes wrong, we've got alerting to dedicated slack-channels and the team looking for them. Database Credentials Coding Policy
Database authentication credentials are a necessary part of authorizing application to connect to internal databases. However, incorrect use, storage and transmission of such credentials could lead to compromise of very sensitive assets and be a springboard to wider compromise within the organization.
This policy states the requirements for securely storing and retrieving database usernames and passwords (i.e., database credentials) for use by a program that will access a database running on one of GreenScreen Inc.'s networks.
Software applications running on GreenScreen AI, Inc.'s networks may require access to one of the many internal database servers. In order to access these databases, a program must authenticate to the database by presenting acceptable credentials. If the credentials are improperly stored, the credentials may be compromised leading to a compromise of the database.
This policy is directed at all system implementer and/or software engineers who may be coding applications that will access a production database server on the GreenScreen AI, Inc. Network. This policy applies to all software (programs, modules, libraries or APIS that will access a GreenScreen AI,Inc., multi-user production database. It is recommended that similar requirements be in place for non-production servers and lap environments since they don't always use sanitized information.
In order to maintain the security of GreenScreen Inc.'s internal databases, access by software programs must be granted only after authentication with credentials. The credentials used for this authentication must not reside in the main, executing body of the program's source code in clear text. Database credentials must not be stored in a location that can be accessed through a web server. Specific Requirements
Storage of Data Base User Names and Passwords
Database user names and passwords may be stored in a file separate from the executing body of the program's code. This file must not be world readable or writeable.
Retrieval of Database User Names and Passwords
If stored in a file that is not source code, then database user names and passwords must be read from the file immediately prior to use. Immediately following database authentication, the memory containing the user name and password must be released or cleared. Special-Situation Disclosures