Legal

Privacy Policy

Last updated 1 June 2026·AZP Group Sdn Bhd (1654709-U)

This Privacy Policy describes how AZP Group Sdn Bhd(1654709-U) collects, uses, and protects your personal data when you use the Mirae Fleet platform (“Service”). We are committed to complying with the Personal Data Protection Act 2010 (PDPA) of Malaysia.

1. Data We Collect

We collect the following categories of data:

  • Account data — name, email address, and password (hashed) provided at registration
  • Organisation data — organisation name and subscription plan details
  • Vehicle data — vehicle name, plate number, IMEI, driver assignment, and current subscription plan
  • GPS and telemetry data — location coordinates, speed, altitude, heading, ignition state, and other telemetry submitted by GPS hardware devices assigned to your vehicles
  • Payment data — subscription status and billing reference numbers. Payment card details are processed directly by Billplz and are never stored on our servers
  • Usage data — browser type, IP address, pages visited, and session duration collected via server logs

2. How We Use Your Data

We use your data to:

  • Provide, operate, and improve the Service
  • Authenticate your account and enforce access controls
  • Display real-time and historical vehicle location and telemetry
  • Process subscription payments and enforce plan limits
  • Send transactional emails (account confirmation, payment receipts, service notices)
  • Diagnose technical issues and maintain service security

We do not sell your personal data to third parties.

3. Data Sharing

We share data only with the following categories of third-party service providers, strictly to operate the Service:

  • Cloud infrastructure providers — database hosting and application delivery (data processed within secure, contracted third-party environments)
  • Billplz — payment processing (subject to Billplz’s own Privacy Policy)

All providers are required to process data only as instructed and to maintain appropriate security measures.

4. GPS and Location Data

GPS data is submitted by hardware devices installed in vehicles. This data is associated with a vehicle record, not with an individual person. You are responsible for ensuring that drivers and other individuals whose location may be captured are informed and have provided any consent required under applicable law.

5. Data Retention

  • Account and vehicle data — retained while your account is active and for 30 days after termination
  • GPS telemetry records — retained indefinitely while your account is active; deleted 30 days after account termination
  • Payment references — retained for 7 years as required by Malaysian tax law

6. Security

We implement industry-standard security measures including TLS encryption in transit, bcrypt password hashing, API key hashing, HTTP security headers, and rate limiting on all inbound endpoints. Access to production data is restricted to authorised personnel only. However, no system is completely secure and we cannot guarantee absolute protection against all threats.

7. Your Rights (PDPA)

Under the Personal Data Protection Act 2010, you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate personal data
  • Withdraw consent for processing, subject to legal and contractual obligations

To exercise these rights, contact us at support@miraefleet.app.

8. Cookies

We use session cookies for authentication (via NextAuth). We do not use third-party advertising cookies or tracking pixels. You may disable cookies in your browser settings, but this will prevent you from logging in.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified via email or an in-app notice. The date at the top of this page reflects the most recent revision.

10. Contact

For privacy-related enquiries, contact our data protection contact at support@miraefleet.app or visit our Contact page.