Label
Label

Privacy policy

1. Preamble
This privacy policy describes how Sterzo, published by Otoqi Technologies, collects, processes, and protects its users’ personal data when using the “Sterzo” mobile and web application.
It complies with the General Data Protection Regulation (GDPR – EU 2016/679) as well as the French Data Protection Act.
2. Definitions
The following terms, as used in this policy, have the meanings set out below:
  • “Third‑Party Account”: any account managed by a Manager, allowing its user to view and carry out vehicle transport operations.
  • “User Account”: the individual account that the User creates when registering on the Application.
  • “Data”: all User data, including Access Data, Personal Data, and Data from Third‑Party Accounts.
  • “Access Data”: a username and password pair issued by the Manager allowing access to a Third‑Party Account.
  • “Login Credentials”: email address and password allowing the User to access their Personal Space.
  • “Personal Data”: any information relating to an identified or identifiable natural person.
  • “Personal Space”: the section of the Application dedicated to the User.
  • “Manager”: any company issuing Access Data to Third‑Party Accounts.
  • “Synchronization Service”: the information service that provides consolidated information from Third‑Party Accounts held by one or more Managers.
  • “User”: the natural or legal person who has agreed to these Terms of Use and is the holder of the Login Credentials.
3. Data Controller
The data controller is: Otoqi Technologies, 17 rue de l’Arrivée, 75015 Paris, France.
For any questions or to exercise your rights, please contact our Data Protection Officer (DPO) at: contact@sterzo.co.
4. Data Collected & Purposes
Sterzo only collects the data strictly necessary to operate the service. This includes:
  • Identification data: email, first name, last name, encrypted password, city
  • Third‑party platform login data (if synchronization is enabled)
  • Mission & activity data: routes, missions booked or created, earnings
  • Technical & usage data: device type, language, IP address, user behavior (via analytics)
Data is processed in order to:
  • Provide you with access to the Sterzo application
  • Synchronize your missions via platforms such as Otoqi, Driiveme, or Hiflow
  • Send essential service communications (account validation, password reset, etc.)
5. Legal Basis for Processing
Sterzo only collects the data strictly necessary to operate the service. This includes:
  • Performance of the contract: account creation and management, platform synchronization, and mission management
  • Legitimate interest: continuous improvement of the application, anomaly detection, sending notifications
  • Consent: required only for optional features (e.g., marketing communications)
6. Data Retention Periods
Login credentials: until your account is deleted or deletion is requested – maximum 1 year

Activity data: retained for 6 months after account deletionTechnical data (logs, usage): archived for 12 months
7. Data Recipients
Your data is accessible only to:
  • Sterzo staff (employees, technical team, support)
  • Our technical service providers (hosting, payment processors, email providers, etc.)
  • Competent authorities if required by law or court order
Sterzo does not sell or transfer your data to unauthorized third parties.
8. Data Security
Sterzo implements best practices, including:
  • Encryption of Access Data and Personal Data
  • Secure storage on servers located in France or the EU
  • Regular security audits
  • Strictly limited internal access
9. Transfers Outside the EU
No data transfers outside the European Union are carried out as part of the service. Should this change, we will only use countries providing an adequate level of protection or standard contractual clauses.
10. Your Rights
Under GDPR, you have the following rights:
  • Right of access: obtain the data we hold about you
  • Right to rectification: correct inaccurate or incomplete data
  • Right to erasure: request the deletion of your data
  • Right to restriction of processing: temporarily pause processing of your data
  • Right to object: refuse processing based on our legitimate interests (except core service operations)
  • Right to data portability: receive your structured data in a usable format
  • Right to withdraw consent, where consent has been given
To exercise your rights, contact us at contact@sterzo.co with a copy of valid ID.
You may also file a complaint with the CNIL.
11. Data Security Measures
We apply strict technical and organizational measures, including:
  • Encryption of sensitive data (passwords, platform credentials)
  • Secure storage (encrypted backups, restricted access)
  • Regular IT security audits
12. Policy Updates
This policy may be updated at any time. The dated version will appear at the top of the page (e.g., “Last updated: July 30, 2025”).
All rights reserved.
Contact
Privacy policy
About us