Skip to content

Privacy Policy

Last Updated: February 18, 2026

1. Introduction

LSSI (“we,” “our,” or “us”) provides workplace safety, nurse call, duress alert, and location tracking software solutions (the “Services”).

Our Services are deployed and configured by our customers (such as dealerships and similar organizations) for use within their own operations.

In connection with the Services, LSSI acts as a Data Processor, and our customers act as the Data Controllers. Customers determine the purposes and means of processing personal information within their deployments of the Services.

2. Our Role as Data Processor

LSSI processes personal information solely on behalf of and under the instructions of our customers.

We do not determine the purposes or means of processing personal information collected through customer deployments.

If you are an employee, contractor, or end user whose information is processed through a customer’s deployment of the Services, you should direct privacy inquiries or requests to your employer or the organization that deployed the system.

3. Categories of Information Processed

Account and Administrator Information

  • Name
  • Email address
  • Role and permission level
  • Authentication and login metadata

Employee or Staff Information

  • Name or internal identifier
  • Role, department, or assignment
  • Associated device identifiers

Device and Hardware Identifiers

  • Device serial numbers
  • MAC addresses
  • BLE or LoRa identifiers
  • Gateway identifiers
  • Push notification tokens

Location Information

  • Real-time device location
  • Historical location data (subject to customer-configured retention settings)
  • BLE- or GNSS-based positioning data

Alert and Event Data

  • Duress alerts
  • Nurse call events
  • Alarm acknowledgments
  • Event timestamps
  • Device or alert state snapshots

Messaging Data

  • Internal system messages
  • Alert-related communications

Fleet or Vehicle Information (if enabled by customer)

  • VIN
  • Stock numbers
  • Vehicle descriptors

Technical and Log Information

  • IP address
  • Browser user agent
  • Access timestamps
  • System and diagnostic logs
  • License metadata

The specific data processed is determined and configured by the customer.

4. Purpose of Processing

  • Provide emergency alert and workplace safety functionality
  • Enable device supervision and location tracking
  • Support internal messaging and notifications
  • Generate reports and operational dashboards
  • Maintain system security and integrity
  • Support licensing and configuration management
  • Diagnose and resolve technical issues

We do not sell personal information.

We do not use personal information for advertising purposes.

5. Analytics and Diagnostics

The Android application includes Firebase Analytics for application performance monitoring and issue diagnosis. This may collect limited device and usage metadata for troubleshooting and system improvement purposes.

Analytics data is used for product reliability and technical issue tracking, not for advertising or marketing profiling.

6. Data Storage and Hosting

  • Customer data is stored on customer-managed infrastructure.
  • Data is stored in customer-controlled databases and server environments.
  • LSSI does not centrally host customer production systems at this time.

Limited data may be transmitted to third-party infrastructure providers strictly to enable system functionality (such as push notifications or map tile rendering).

Customers are responsible for securing their hosting environment and configuring system settings appropriately.

7. Subprocessors and Service Providers

  • Push notification providers (e.g., Firebase Cloud Messaging)
  • Analytics and performance monitoring services (e.g., Firebase Analytics)
  • Map tile providers (e.g., OpenStreetMap or Esri)
  • Email or SMS gateways (if configured by the customer)

These providers process data only as necessary to deliver technical functionality.

We do not engage advertising networks or behavioral tracking providers.

8. Data Retention

Data retention periods are determined and configured by the customer (Data Controller).

The system may include default retention settings for logs, alerts, location history, and backups. Customers are responsible for reviewing and configuring retention settings to meet their legal and operational requirements.

9. Security Measures

  • Encrypted transmission (HTTPS/TLS supported and recommended)
  • Role-based access controls
  • Audit logging
  • Secure handling of authentication credentials
  • Configurable retention controls

HTTPS is the default and preferred configuration. Customers are responsible for enforcing secure deployment configurations within their hosting environments.

10. Device Storage and Backups

The Android application may store certain data locally on the device to enable system functionality.

Device-level backup behavior may be governed by the device operating system and user settings. Customers are responsible for determining appropriate device management policies within their organization.

11. Data Subject Rights

Because LSSI acts as a Data Processor, individuals seeking to exercise rights under applicable data protection laws (such as access, correction, deletion, or restriction) should contact the organization that deployed the system.

We assist customers in responding to such requests as required by law.

12. International Data Transfers

If subprocessors are located outside the customer’s jurisdiction, data may be transferred in accordance with applicable data protection laws and contractual safeguards.

13. Changes to This Policy

We may update this Privacy Policy periodically. The updated version will be posted on our website with a revised “Last Updated” date.

14. Contact Information

LSSI
4607 Library RD
Suite 220 #1285
Bethel Park, PA 15102
Email: eng.support@lssitech.com