FleetCo

Compliance

Last Updated: January 15, 2025
Effective Date: January 15, 2025

FleetCO is committed to maintaining the highest standards of compliance, security, and data protection. This page outlines our certifications, standards, and compliance practices.

Table of Contents

1. Introduction to Compliance2. Certifications and Standards3. Security Compliance4. Industry-Specific Regulations5. Audit and Assessment6. Compliance Monitoring7. Contact Information

1. Introduction to Compliance

At FleetCO, we are committed to maintaining the highest standards of compliance across all aspects of our operations. Our comprehensive compliance program is designed to ensure that our fleet management platform meets or exceeds industry standards, regulatory requirements, and customer expectations.

This page provides an overview of our compliance certifications, security standards, and industry-specific regulations that govern our operations. We continuously monitor and update our compliance program to address evolving regulatory landscapes and emerging security threats.

Our commitment to compliance is not just about meeting regulatory requirements—it's about building trust with our customers, protecting sensitive data, and delivering reliable, secure services that businesses can depend on.

2. Certifications and Standards

FleetCO maintains several key certifications and complies with multiple industry standards to ensure the security, reliability, and quality of our services. Our certifications include:

These certifications demonstrate our commitment to maintaining robust security controls, protecting customer data, and delivering high-quality services. We regularly undergo independent audits to maintain these certifications and ensure ongoing compliance.

SOC 2 Type II

Certified

Service Organization Control 2 Type II certification for security, availability, processing integrity, confidentiality, and privacy controls.

Last audit: November 2024

ISO 27001

Certified

International standard for information security management systems (ISMS) ensuring systematic management of sensitive company information.

Last audit: October 2024

GDPR Compliance

Compliant

Compliance with the European Union's General Data Protection Regulation for data protection and privacy.

Last audit: December 2024

CCPA Compliance

Compliant

Compliance with the California Consumer Privacy Act for enhanced privacy rights and consumer protection.

Last audit: December 2024

PCI DSS

Compliant

Payment Card Industry Data Security Standard compliance for secure credit card processing.

Last audit: September 2024

ISO 9001

Certified

Quality management system certification ensuring consistent delivery of products and services that meet customer requirements.

Last audit: August 2024

3. Security Compliance

Security is at the core of our compliance program. We implement comprehensive security measures to protect customer data and ensure the integrity of our platform. Our security compliance framework includes:

Data Encryption: All data is encrypted both in transit and at rest using industry-standard encryption protocols.

Access Controls: Strict access controls and authentication mechanisms ensure that only authorized personnel can access sensitive data and systems.

Network Security: Multiple layers of network security controls, including firewalls, intrusion detection systems, and regular vulnerability scanning.

Security Monitoring: 24/7 monitoring of our systems for suspicious activities and potential security threats.

Incident Response: Comprehensive incident response procedures to quickly address and mitigate security incidents.

Vendor Management: Rigorous security assessments of third-party vendors to ensure they meet our security standards.

Regular Security Testing: Ongoing security testing, including penetration testing and vulnerability assessments, to identify and address potential security weaknesses.

We continuously evaluate and enhance our security measures to address emerging threats and vulnerabilities.

4. Industry-Specific Regulations

As a provider of fleet management solutions, we comply with various industry-specific regulations that govern transportation, logistics, and related sectors. These include:

Electronic Logging Device (ELD) Regulations: Compliance with regulations requiring electronic logging of commercial driver hours of service.

Transportation Safety Regulations: Adherence to safety standards and regulations for commercial vehicle operations.

Environmental Regulations: Compliance with emissions reporting and environmental standards for fleet operations.

International Transportation Regulations: Compliance with cross-border transportation regulations for customers operating internationally.

We stay current with changes in industry regulations and update our platform accordingly to help our customers maintain compliance with relevant requirements.

5. Audit and Assessment

Regular audits and assessments are essential components of our compliance program. We conduct and undergo various types of audits to verify compliance with security standards, regulatory requirements, and internal policies:

Independent Third-Party Audits: Regular audits by qualified independent auditors to verify compliance with SOC 2, ISO 27001, and other standards.

Internal Audits: Ongoing internal assessments of our security controls, processes, and procedures.

Vulnerability Assessments: Regular scanning and testing to identify and address potential security vulnerabilities.

Penetration Testing: Simulated cyber attacks to evaluate the security of our systems and identify potential weaknesses.

Compliance Assessments: Regular reviews to ensure ongoing compliance with applicable regulations and standards.

The results of these audits and assessments inform our continuous improvement efforts and help us maintain a robust compliance posture.

6. Compliance Monitoring

We maintain a proactive approach to compliance monitoring to ensure ongoing adherence to relevant standards and regulations. Our compliance monitoring program includes:

Continuous Monitoring: Automated tools and processes to continuously monitor compliance with security controls and regulatory requirements.

Compliance Dashboard: Real-time visibility into compliance status across various standards and regulations.

Regular Reviews: Scheduled reviews of policies, procedures, and controls to ensure they remain effective and up-to-date.

Regulatory Tracking: Monitoring of regulatory changes and updates to ensure our compliance program addresses new requirements.

Compliance Training: Regular training for employees on compliance requirements and best practices.

This comprehensive monitoring approach helps us maintain a strong compliance posture and quickly address any potential compliance issues.

7. Contact Information

If you have questions about our compliance program or need additional information about our certifications and standards, please contact our Compliance Team:

Email: compliance@fleetco.com

Phone: +260 971 196 736

Address: FleetCO Compliance Team, Lusaka, Zambia

For security-related inquiries or to report a security concern, please contact our Security Team at security@fleetco.com.

Request Compliance Documentation

If you need detailed compliance documentation, audit reports, or certifications for your vendor assessment process, please contact our compliance team. We're happy to provide the information you need under an appropriate NDA.

Compliance Team

compliance@fleetco.com

Phone Support

+260 971 196 736

Security Questionnaire