Privacy Policy
Road Triage / Robocist Inc. · Last updated: June 2, 2026
This policy is provided for transparency and should be reviewed by legal
counsel before being relied upon for a specific jurisdiction.
This policy explains what personal data Road Triage ("we") collects, why we
collect it, how long we keep it, and the rights you have over it. We aim to
meet the strictest applicable standards, including the EU/UK GDPR and US
state privacy laws (such as the CCPA/CPRA), and to apply those protections
to all users.
1. What we collect
- Account data — name, email, phone, job title, role, and the organization you belong to.
- Content you provide — uploaded resumes and documents (we store the extracted text, not the original file), your professional bio, comments, discussions, saved searches, and preferences.
- Usage & technical data — IP address, browser/user-agent, and activity timestamps, recorded for security and to operate the service.
- Consent records — when you accepted these terms, from what IP and browser.
Scope. This policy concerns
personal data about you. It does not cover the road, pavement, and
infrastructure assessment data the service is built to collect and analyze —
including sensor and datalogger measurements, condition scores, and
de-identified analytics — which is operational data, not personal to you,
and which we may retain indefinitely for internal and
operational use. Where collected imagery may contain personal elements (such
as faces or license plates), we apply privacy filtering as described in the
Terms.
2. Why we use it (lawful bases)
- To provide the service you or your organization signed up for (contract).
- Security, fraud prevention, and audit (legitimate interests and legal obligation).
- Consent, where we ask for it (you can withdraw it at any time).
We do not sell your personal data.
3. How long we keep it (retention)
- Standard accounts: personal data is retained for the life of the account and for up to 3 years after your account becomes inactive or your access ends, then anonymized.
- Guest / public users: because access is limited, personal data is retained for up to 1 year after your last activity, then anonymized. De-identified data (which no longer identifies you) may be kept longer for analytics and to improve the service.
- Security & legal records: audit logs and proof of consent are kept for as long as needed for legal, security, and audit purposes, in a minimized or de-identified form.
4. Your rights
Subject to local law, you can:
- Access & export a copy of your account data, content, consent records, and recent activity (we provide CSV, JSONL, or PDF). High-volume technical logs may be summarized.
- Delete your data ("right to be forgotten"). We pseudonymize your personal data; records we are required to keep for legal, security, or audit reasons are retained in de-identified form. Deletion requests are reviewed by an administrator before they are carried out.
- Correct inaccurate data (you can edit most of it on your profile).
- Object to or restrict certain processing.
You can export your data yourself on your
My Data & Privacy
page (sign in, then open your profile), and request deletion there. For the
other rights, contact us below.
5. Security
Access is role-based and tenant-scoped. Administrative "view as user"
sessions are recorded and clearly attributed to the administrator, never
presented as the user themselves, and administrators cannot accept terms on
your behalf.
6. Contact
For privacy requests or questions, contact
privacy@robocist.com.
See also the Terms & Conditions.