Privacy Policy Overview
Effective Date: January 1, 2026 | Last Updated: July 3, 2026
CTS Mobility, Inc. ("we," "us," "Company") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, and interact with our business.
Data We Collect
Information You Provide
- Contact Forms: Name, email, phone, company, fleet size, interests when you request a quote
- Account Registration: Login credentials, billing address, payment method (via PCI-compliant third parties)
- Communications: Messages you send via email, support tickets, or live chat
- FastLane Orders: Order details, device specifications, delivery preferences, IMEI/SIM requests
Information Collected Automatically
- Browser & Device: IP address, browser type, device model, operating system
- Usage Analytics: Pages visited, time on page, clicks, scroll depth (via Google Analytics 4)
- Cookies: Session tracking, preference storage, anonymized marketing analytics
- Pixel Tags: Conversion tracking for Google Ads and performance measurement
Third-Party Data Sources
- Business Intelligence: Public company data, industry databases for B2B prospecting (opt-out available)
- Fraud Prevention: Risk scoring services to detect unauthorized activity
How We Use Your Data
- Service Delivery: Process quotes, orders, deployments, billing, and support
- Marketing: Email campaigns, retargeting ads, content recommendations (opt-out anytime)
- Analytics: Understand website performance and user behavior to improve our services
- Compliance: Fulfill legal obligations, audit trails, regulatory reporting
- Fraud Prevention: Detect and prevent unauthorized access or misuse
- Communications: Respond to inquiries, send transactional emails (order confirmations, support updates)
Sharing & Disclosure
We Do NOT Sell Your Personal Data
CTS Mobility does not sell, rent, or lease customer contact lists or personal information to third parties. Period.
We DO Share Data With
- Service Providers: Payment processors (Stripe), email services (SendGrid), analytics (Google), hosting (Cloudflare)
- Carriers & Vendors: Verizon, AT&T, Sprint, Apple, Samsung for device provisioning and support
- Legal & Compliance: Law enforcement when legally compelled; fraud investigators as needed
- Business Transfers: If acquired, your data transfers with the company (with notification)
We Restrict Data Sharing
- All vendors sign Data Processing Addendums (DPAs) โ no onward sharing without our consent
- We use contractual safeguards to ensure third parties protect your data as we do
- Vendors are only given the minimum data needed for their specific purpose
Your Privacy Rights
California Residents (CCPA/CPRA)
- Right to Know: Request what personal data we collect, use, and share about you
- Right to Delete: Request deletion of your data (exceptions: legal compliance, fraud prevention)
- Right to Opt-Out of Sale/Share: We don't sell data, but you can opt out of interest-based advertising
- Right to Correct: Request we update inaccurate information
- Right to Limit Use: Restrict use of sensitive data (SSN, precise geolocation, health info)
- Non-Discrimination: We won't discriminate for exercising these rights
To exercise CCPA rights: Email privacy@ctsmobility.com with "CCPA Request" in the subject line. Verification required.
EU Residents (GDPR)
- Legal Basis: We process your data based on contract (to deliver services), consent, or legitimate business interests
- Right to Access: Request a copy of your data
- Right to Rectification: Request corrections to inaccurate data
- Right to Erasure: Request deletion ("right to be forgotten"), except where legal obligations apply
- Right to Restrict Processing: Pause processing of your data
- Right to Data Portability: Export your data in machine-readable format
- Right to Object: Opt out of marketing, profiling, or automated decision-making
EU Data Transfers: We use Standard Contractual Clauses (SCCs) and EU-US Data Privacy Framework adequacy decisions to legally transfer EU data to the US.
To exercise GDPR rights: Email privacy@ctsmobility.com with your request. Response within 30 days.
Other Jurisdictions
- UK residents: UK GDPR rights equivalent to EU GDPR
- Virginia, Colorado, Connecticut, Utah residents: Similar rights under state privacy laws
Data Security
- Encryption: All data in transit uses TLS 1.2+; sensitive data at rest encrypted (AES-256)
- Access Controls: Role-based access; employees only view data needed for their job
- Audit Logs: All access to customer data is logged and reviewed quarterly
- Incident Response: Breach notification within 30 days of discovery (per law)
- Vendor Audits: Annual security assessments of all data processors
- SOC 2 Compliance: Third-party audited controls for data handling
Cookies & Tracking
Essential Cookies (Always Active)
- Session ID: Keeps you logged in during your visit
- Theme Preference: Remembers your dark/light mode choice
- CSRF Protection: Prevents cross-site request forgery attacks
Optional Cookies (Require Consent)
- Google Analytics: Aggregated usage data (pages, time on page, geography)
- Google Ads / Conversion Pixel: Tracks if you convert after clicking our ads
- Marketing Cookies: Enables email list management and content recommendations
Manage Your Cookies
When you first visit, we'll ask for consent. You can update preferences anytime via the "Privacy Settings" link in the footer, or opt out of analytics at Google's opt-out tool.
Questions about this policy or your data? Contact our Privacy Team:
Data Protection Officer (EU/UK)
Email: dpo@ctsmobility.com
Regulatory Authorities
If you believe your data rights have been violated and we can't resolve it, you have the right to lodge a complaint with your local data protection authority.
Policy Changes
We may update this policy as our business and regulations evolve. We'll notify you of material changes via email or a prominent notice on the website. Continued use of our services after changes means you accept the updated policy.