Privacy Policy


1 Introduction


1.1 Purpose

Async Technologies Ltd. trading as TireCheck/TyreCheck, (referred to as we or us throughout this document) prioritizes customer trust. We are committed to protecting the privacy of all users of our websites, and those we host, in a comprehensive and transparent manner.

Please note that we do not collect any other personal data from user of our website, other than those volunteered by you. Note further that we do not use this data for marketing purposes, but to return your queries regarding our products and services as requested by you in the contact form.

Any information that you volunteer to provide Async Technologies via our Contact or Enquiries pages, are treated with the highest standards of security and confidentiality in accordance with the Data Protection Act 1988, as amended by the Data Protection (Amendment) Act, 2003 and Regulation (EU) 2016/679 (the General Data Protection Regulation).


1.2 Scope

Our privacy policy extends to Async Technologies Ltd., TyreCheck/TireCheck and all our subsidiaries and associates. Websites covered by this privacy statement include our informational websites delivering marketing information on our registered domains, and all solutions websites hosted by us as part of a a licensed service.


Note: Our websites do not contain links or references to third party websites outside of our control.

1.3 Policy Changes

This Privacy Policy is subject to change. Use of information that we gather may be subject to change from time to time, in accordance with current legislation. It shall be your responsibility to check our website frequently to see recent changes.


2 Marketing Websites


Async Technologies and all of its trading companies (TyreCheck/TireCheck) recognize that trust and privacy of your data is important and as such endeavour to protect your data in accordance with the all regulations and guidelines.

All pages on our marketing websites, including our Contact and Enquiries pages, are delivered only using encrypted protocols (HTTPS), securing your communication with us. When you visit one of our websites (www.asynctechnologies.com, www.tyrecheck.com, www.tirecheck.com or help.tirecheck.online) we do not collect any personal data about you, unless you explicitly use our Contact or Enquiries form(s) to send us your details.

By using our Contact or Enquiries page, entering your contact information and volunteering to share your personal data with us, you are implicitly giving us your permission to make direct contact with you for legitimate business purposes. Your contact details are retained for the purposes of making contact in regards to your specific enquiry.

  • The request and contact information you send through the website contact page(s) are handled internally by creating an ticket for the support team or an enquiry for the sales team. These requests are handled by a trained team member who is aware of current data protection requirements.
  • We do not store this information for any subsequent marketing campaigns without your explicit consent.
  • We do not share or divulge any of your personal data to any third parties unless we are required to respond to legal requests from public authorities.
  • We are committed to taking all reasonable precautions to prevent the loss, misuse or alteration of information you give us.
  • If you have provided us personal information and you would like a copy of that information, wish us to correct any factual inaccuracies in that information, or require that all personal information be deleted from our records, please contact yourdata@tirecheck.com. We will make all reasonable efforts to supply, correct and/or delete that information from our records within a 45 day time period unless we are legally required to retain this information.

3 Hosted Applications


Hosted applications include all online solutions and services provided via website URL by Async Technologies or one of our trading names (TyreCheck.com/TireCheck.com).


Data Security:
  • We are committed to delivering our hosted solutions and services in compliance with the highest security and auditing (ISO 27001) standards, including encryption of data transferred over public networks and secure storage of data.
  • All our online hosted applications accessible via browser for users are exclusively available via secure encrypted protocols (HTTPS).
  • All integrations between our hosted applications and a customer external sites via FTP use secure FTP over SSH.
  • All API data exchange or transfer requests made to one of our hosted applications is permitted over secure HTTPS only and therefore encrypted.
  • All our hosted applications are currently located on Microsoft Azure secure servers and storage, and as such protected by Azure’s security and threat protection policies.
  • Our European hosted services are located in the Microsoft data center in the Netherlands.


Data Access:
  • Access to any customer database (user or operational data) is restricted to authorised and qualified employees of Async Technologies or TireCheck.
  • An access control policy is in place in compliance with ISO 27001, which grants database access only to authorised system administrators located in the Ennis or Prague offices.
  • Other employees such as developers requiring access must a) be based in one of the EU offices and b) request permission from an authorised system administrator and have the request approved by the Release Manager.
  • The access control policy also controls which employees have an admin or orgadmin user account on the customer production system.
  • Only senior support team members have the admin account password for production environment applications.
  • All staff are trained not to make changes to production systems without passing the request through the senior support team for sign off.
  • All changes to configuration within the application, or production environment setup must be logged in Zendesk or JIRA by the customer and approved by their senior management team, recorded in JIRA by the Async Technologies team and approved by our relevant team manager.


Customer Data:

Each user’s account is accessible only upon authentication using a login ID and secure password. Passwords in TireCheck hosted applications are required to be 8 or more characters in length, contain a special character, and at least one number. Async Technologies/TireCheck is considered the data processor for all data contained in our hosted solutions. As the data processor Async Technologies/TireCheck does not access, transfer or use any customer content or data for any purpose other than providing, maintaining and improving our services and as otherwise required by law.


Data Retention:
  • The data controller in a hosted environment is the data owner. In the case of hosted solutions, the data controller is our customer (the named customer and subsidiaries) and is not Async Technologies/TireCheck.
  • It is the responsibility of the data controller (data owner) to set and maintain a data retention policy for user information.
  • It is the responsibility of the data controller to field and answer user queries in respect of their accounts and GDPR.
  • It is the responsibility of the data controller (named customer and its subsidiaries) to remove user account data in accordance with General Data Protection Regulations.
  • Async Technologies/TireCheck will facilitate the implementation of a data retention or removal policy where requested and compliant with the law.

Backups:
  • All production system customer data (both user data and operational data) is hosted on Microsoft Azure and subject to our backup processes.
  • Azure storage accounts for production backups are read-access geo-redundant storage accounts.
  • All production data is backed up to private Microsoft Azure Blob Storages.
  • All data backups are subject to our access control policies for customer data, and accessible exclusively by authorized systems admin team members in the Ennis office.
  • Production data is backed up on a rolling basis for short term and long term backups
  • We perform short term backups which are retained for a 90 day rolling period:
    • weekly (full backup)
    • daily differential backups each day for that week
    • and transaction log backups for every 30 minutes.
  • We perform long-term backups of all live production data. This is a full backup taken once per quarter, starting on January 1st of 2018.
  • Long term backups are currently retained until the subsequent period in the following year at which point the backup is removed.
  • Web activity log files are archived daily and retained for a period of 6 months. Sync service and scheduler logs are retained for periods of 30 and 90 days respectively. **
  • XML /CSV files or other file types generated for integration with external systems are retained for a period of 90 days.**
  • All log file and integration file backups are subject to our access control policies for customer data, and accessible exclusively by authorized systems admin team members in the Ennis office.
  • Prior to retirement and disposal, IT ensures that:
    • The Azure Storage Account no longer contains active backup blobs.
    • The Azure Storage Account current or former contents cannot be read or recovered by an unauthorized party.

  • ** These time frames can be modified for customer needs, in line with legislation and regulations