Legal
Data Processing & Security
High-level data-processing and security posture for business discussions.
Last updated: 18 July 2026
1. Purpose of This Page
This page gives a high-level overview for business discussions. It is not a substitute for a signed data-processing agreement, security schedule, statement of work, customer contract, technical architecture document, or compliance certification.
2. Processing Overview
Depending on the deployment, Lamrod products may process operational signals such as vehicle location, trip activity, driver or asset identifiers, camera events, video or image references, sensor readings, device status, alerts, user activity, reports, integration data, and customer-configured workflow information.
3. Roles and Responsibilities
For customer deployments, the customer typically determines the purpose, users, assets, locations, devices, retention needs, permitted workflows, and internal access rules. Lamrod may provide software, configuration, support, integrations, and processing services as agreed in writing.
4. Customer Configuration
Actual data categories, retention periods, access roles, integrations, device configuration, camera usage, event rules, alert workflows, exports, reporting, and user permissions should be defined with each customer before production deployment.
5. Access Control
Business deployments should use role-based access practices so users see information relevant to their responsibility. Customers should confirm administrators, user groups, approval flows, account creation, account removal, review responsibilities, and escalation paths.
6. Security Practices
Lamrod should apply reasonable technical and organisational safeguards for business systems and operational data. Specific security commitments, encryption details, audit requirements, hosting model, backup posture, incident timelines, certifications, and security controls must be confirmed in the applicable agreement.
7. Operational Media and Visual Data
Where cameras, ANPR, road-condition workflows, safety review, or other visual intelligence workflows are enabled, customers should confirm camera placement, signage, lawful basis, access permissions, review roles, storage duration, sharing rules, and internal policies before use.
8. Retention and Deletion
Retention periods for operational data, media, reports, logs, exports, alerts, analytics, and backups should be agreed based on customer requirements, product configuration, legal needs, operational needs, and storage considerations. Deletion or export requests should follow the agreed customer process.
9. Integrations and Sub-Processors
Where Lamrod integrates with third-party systems, devices, cloud services, communication channels, APIs, maps, or customer software, the relevant data flows, provider responsibilities, access boundaries, security assumptions, and sub-processor usage should be reviewed for the deployment.
10. Incident and Support Process
Customers should confirm support contacts, incident reporting routes, severity definitions, business hours, escalation paths, responsible teams, and notification expectations before production use. Any mandatory incident notice period must be stated in the customer agreement.
11. Data Exports and Reports
Exports, reports, screenshots, media clips, analytics, audit records, and operational records may contain sensitive business or personal information. Customers should manage sharing, retention, and access to exported data according to their internal policies and applicable law.
12. Deployment Review
Before production deployment, customers should confirm operating procedures for users, access approval, privacy notices, camera and sensor governance, retention, incident handling, data export, account closure, support escalation, and internal accountability.
13. Contact
For data-processing and security discussions, contact Lamrod at [email protected].
