Privacy Policy v2.1

Load Connex Privacy Policy

Effective date: 29 May, 2026

Table of Contents

1. Introduction and Scope

Load Connex LLC, a Delaware limited liability company, with its principal place of business at 2940 N. Hollywood Way, Burbank, California 91505 ("LX," "we," "us," or "our"), provides fuel card, payment, rebate, credit, underwriting, transaction, fleet, telematics, logistics, software, analytics, and related technology-enabled services for carriers, factoring companies, brokers, fleets, transportation businesses, and related commercial users.

This Privacy Policy describes how LX collects, uses, stores, analyzes, discloses, transfers, and otherwise processes information in connection with:

  • our websites;
  • web portals;
  • application programming interfaces ("APIs");
  • integrations;
  • white-labeled programs;
  • fuel card programs;
  • the LX Driver App mobile application;
  • telematics and location-tracking integrations;
  • banking and financial integrations;
  • dispatch, load-management, document-management, load-tracking, vehicle-tracking, notification, and related fleet-management software and functionality;
  • communications and support services;
  • credit, underwriting, risk-management, fraud-prevention, analytics, and operational services; and
  • related products, software, applications, and services.

The foregoing are referred to collectively as the "Services."

This Privacy Policy should be read together with applicable agreements, cardholder agreements, onboarding materials, platform disclosures, integration authorizations, white-labeled program terms, and other agreements governing the Services.

Depending on the relationship and applicable law, LX may act as a business, controller, processor, service provider, platform provider, intermediary, or technology provider with respect to information processed through the Services.

The information LX collects, uses, discloses, processes, or otherwise handles may vary depending on the Services used, integrations connected, permissions granted, products enabled, counterparties involved, platform configurations, and how the Services are used.

This Privacy Policy applies to carriers, drivers, brokers, dispatchers, fleet managers, business owners, guarantors, factoring companies, salespeople, vendors, website visitors, mobile application users, API users, prospective applicants, leads, and any employees, contractors, agents, representatives, authorized users, or other individuals associated with the foregoing.

LX's Services are intended for business use only and are not intended for individuals under the age of eighteen (18).

LX may provide certain Services directly or through white-labeled programs, partner programs, factoring companies, brokers, financial institutions, sales organizations, transportation counterparties, or other commercial relationships.

If you are located outside the United States, including in Canada or Mexico, you understand and acknowledge that your information may be transferred to, processed in, accessed from, and stored in the United States and other jurisdictions where LX or its service providers operate.

2. Definitions

For purposes of this Privacy Policy:

"Application Programming Interface" or "API" means a software interface enabling systems, applications, or platforms to communicate or exchange information.

"Authorized User" means any employee, driver, dispatcher, contractor, agent, representative, or other person authorized by a carrier, factoring company, broker, fleet operator, business entity, or other user to access or use the Services.

"Business Information" means information relating to a business entity, commercial operations, fleets, loads, transactions, routes, payments, underwriting, fuel activity, or related commercial activity.

"California Consumer Privacy Act" or "CCPA" means the California Consumer Privacy Act, as amended by the California Privacy Rights Act ("CPRA").

"Connectivity Provider" means Plaid Inc. and any other provider used to facilitate banking, payment, authentication, account-connectivity, financial-data access, or similar integrations.

"Electronic Logging Device" or "ELD" means an electronic logging device, telematics platform, fleet-management system, or similar operational tracking technology.

"Engine Control Module" or "ECM" means a vehicle system or module capable of generating operational, engine, diagnostic, or telematics-related information.

"Global Positioning System" or "GPS" means a location or positioning technology capable of identifying, estimating, or transmitting geographic location information.

"Hours of Service" or "HOS" means driver operational or duty-status information maintained through ELDs, telematics systems, operational systems, or related technologies.

"Personal Information" means information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household.

"Sensitive Personal Information" includes categories of information such as precise geolocation data, government-issued identifiers, Social Security Numbers ("SSNs"), driver's license numbers, Commercial Driver's License ("CDL") information, financial account information, account credentials, login credentials, consumer-report information, and other information classified as sensitive under applicable law.

"Services" has the meaning given in Section 1 (Introduction and Scope).

"Third-Party Providers" means banks, payment processors, card networks, telematics providers, cloud providers, analytics providers, communications providers, underwriting providers, fraud vendors, service providers, factoring companies, digital-wallet providers, financial institutions, government and public-record sources, and other third parties involved in providing or supporting the Services.

3. Categories of Information We Collect

LX may collect information relating to users, businesses, fleets, vehicles, drivers, transactions, payments, fuel activity, underwriting, risk management, communications, platform usage, integrations, and operation of the Services.

Depending on the Services used, products enabled, integrations connected, permissions granted, and counterparties involved, LX may collect:

  • account, identity, onboarding, and business information;
  • operational, fleet, telematics, ELD, ECM, GPS, routing, and driver-activity information;
  • payment, banking, transaction, and financial information;
  • underwriting, credit, risk, fraud-prevention, and compliance information;
  • fuel-purchase, merchant, card-usage, and servicing information;
  • communications, support, and customer-service information;
  • website, device, application, analytics, and usage information;
  • load, shipment, dispatch, routing, freight, and logistics information; and
  • other information reasonably related to the provision, operation, improvement, security, underwriting, servicing, compliance, or support of the Services.

Examples of information LX may collect include names, contact information, ownership information, guarantor information, dates of birth, insurance information, FMCSA information, DOT and MC information, licensing information, vehicle information, VINs, location information, route information, trip information, ELD and telematics information, fuel-purchase information, payment information, connected banking information, communications records, browser information, device information, application information, analytics information, and related operational, servicing, underwriting, or compliance information.

Information may be provided directly by users, supplied by authorized users or counterparties, obtained from Third-Party Providers, received through integrations, collected through the LX Driver App, or generated through operation and use of the Services.

4. Sources of Information

If you access or use the Services on behalf of a business or other entity, you represent and warrant that you have authority to provide information, authorize processing activities, connect integrations, grant permissions, and otherwise act on behalf of such entity and associated users.

Users, customers, counterparties, administrators, and other parties providing information to LX represent that they have obtained all necessary rights, permissions, consents, notices, and authorizations associated with the disclosure of such information.

LX may collect information:

  • directly from users;
  • from carriers, factoring companies, brokers, dispatchers, fleet managers, employers, guarantors, financial institutions, white-labeled partners, commercial counterparties, authorized users, or other associated parties;
  • through the LX Driver App;
  • through APIs and integrations;
  • through uploaded documents and forms;
  • through communications and support interactions;
  • through cookies, analytics tools, session replay tools, tracking technologies, and similar technologies;
  • from ELD, GPS, telematics, and fleet-management providers;
  • from banks, Connectivity Providers, and financial institutions;
  • from factoring companies and factoring software;
  • from fuel networks, fuel merchants, truck stops, card networks, and payment rails;
  • from public and government sources, including FMCSA records, Secretary of State records, licensing databases, court filings, UCC filings, and other public records;
  • from commercial credit bureaus, consumer reporting agencies, underwriting providers, fraud databases, identity-verification providers, and risk-management vendors; and
  • from other Third-Party Providers and integrations.

LX may rely on representations made by users and third parties regarding their authority to share or provide information.

LX does not guarantee the accuracy, completeness, availability, or reliability of information supplied by third parties, integrations, counterparties, users, or connected providers and is not responsible for inaccuracies, omissions, delays, or provider-side limitations associated with such information.

5. How We Use Information

LX may use information to provide, operate, maintain, improve, secure, support, analyze, and administer the Services.

Depending on the Services used and the relationship involved, LX may use information for onboarding, identity verification, underwriting, re-underwriting, continuous account monitoring, credit evaluation, risk management, fraud prevention, sanctions screening, collections, dispute resolution, enforcement, payment processing, transaction servicing, communications, compliance, analytics, security, operational intelligence, software development, platform improvement, and related operational, financial, compliance, business, and security purposes.

LX may monitor accounts, transactions, connected banking activity, telematics activity, payment activity, operational activity, and related account behavior on an ongoing basis throughout the duration of the applicable commercial, servicing, financing, underwriting, or credit relationship.

LX may use ELD, ECM, GPS, HOS, telematics, vehicle, route, load, fuel, trip, and related operational information to provide operational visibility, verify activity, support underwriting and fraud prevention, optimize services, analyze operational patterns, facilitate logistics workflows, match carriers with opportunities, provide fuel-related services, and support related platform functionality.

LX may use information for fraud prevention, sanctions screening, compliance, security, anti-abuse efforts, investigations, operational reviews, audits, legal compliance, regulatory compliance, card-network compliance, fuel-network compliance, banking requirements, payment-network requirements, NACHA requirements, and related risk-management purposes.

LX may review accounts, transactions, integrations, communications, telematics information, and related activity for servicing, compliance, fraud prevention, security, operational, investigative, or enforcement purposes.

LX may use artificial intelligence, machine learning, automated systems, OCR technologies, document-processing systems, underwriting systems, fraud-detection systems, telematics analysis, predictive analytics, and related technologies to support underwriting, servicing, operations, fraud prevention, security, analytics, compliance, platform improvement, and related business purposes.

Users are responsible for providing any notices or obtaining any consents or authorizations required in connection with monitoring, telematics, workforce management, location tracking, driver tracking, or related operational activities associated with the Services.

LX may create, use, disclose, and retain aggregated, anonymized, deidentified, or statistical information for any lawful business purpose.

6. How We Disclose Information

The visibility, accessibility, and disclosure of information may vary depending on permissions, operational roles, relationships among parties, platform configurations, products enabled, integrations connected, workflows, and applicable legal or operational restrictions. Not all information is visible to all participants.

LX may disclose information to affiliates, service providers, financial institutions, factoring companies, payment providers, card networks, fuel networks, telematics providers, technology vendors, communications providers, analytics providers, integrations, commercial counterparties, and other parties involved in supporting, operating, underwriting, securing, servicing, financing, or delivering the Services.

LX may also disclose information among carriers, factoring companies, brokers, shippers, dispatchers, fleet managers, guarantors, authorized users of the foregoing parties, and other operational participants involved in the applicable operational, servicing, financing, commercial, or platform relationship.

LX may disclose information to government agencies, regulators, law enforcement, courts, auditors, insurers, attorneys, and other parties where required or permitted by law, regulation, legal process, investigation, enforcement action, or compliance obligation.

LX may disclose information in connection with mergers, acquisitions, financings, restructurings, assignments, asset sales, securitizations, bankruptcy proceedings, diligence activities, or other actual or proposed business transactions.

Users understand and acknowledge that LX may provide Services directly or indirectly through factoring companies, brokers, financial institutions, white-labeled programs, commercial counterparties, program sponsors, and related operational participants. Certain operational, servicing, account-status, payment-status, telematics, compliance, workflow, and related information may be shared with or made available to such parties in connection with the Services.

Users further understand that account administrators, authorized users, factoring companies, brokers, fleet managers, dispatchers, counterparties, and other operational participants may receive notifications, alerts, reports, or visibility regarding account activity, payment issues, disconnected bank accounts, insufficient funds, transaction issues, compliance events, telematics activity, servicing issues, operational status, or related matters associated with the Services.

LX limits access to highly sensitive information, such as full Social Security Numbers, full bank account numbers, and consumer-report contents, and generally discloses such information only to authorized parties with a legitimate business, operational, legal, compliance, servicing, underwriting, security, or fraud-prevention need to access it.

Users may invite, add, authorize, connect, or otherwise permit other users or entities to access or interact with the Services. By doing so, users understand and acknowledge that information may become visible to, accessible by, shared with, or disclosed among such users, entities, administrators, counterparties, or authorized operational participants.

LX does not sell Personal Information for monetary compensation. However, LX may disclose or share information with parties described in this Privacy Policy as necessary to provide, operate, support, secure, underwrite, finance, improve, or deliver the Services.

7. Third-Party Providers, Integrations, and Connected Services

7.1. Supplemental Notices and Relationship-Specific Terms

Additional relationship-specific disclosures, onboarding materials, integration notices, platform terms, partner disclosures, cardholder materials, or provider-specific privacy notices may supplement this Privacy Policy depending on the Services, integrations, products, counterparties, or programs involved.

7.2. Third-Party Providers and Connected Services

The Services may integrate with or interact with banks, Connectivity Providers, ELD providers, telematics providers, payment providers, fuel networks, card networks, digital-wallet providers, analytics providers, communications providers, software providers, factoring companies, government-data providers, and other Third-Party Providers.

Such Third-Party Providers may independently collect, process, analyze, store, disclose, transfer, retain, or otherwise use information. LX does not control the privacy practices, security practices, operational practices, retention practices, or data-handling practices of Third-Party Providers.

Users should review the terms, privacy policies, and data practices of Third-Party Providers before authorizing or connecting such integrations. If users have questions regarding information collected, disclosed, shared, processed, or retained by a Third-Party Provider, users should contact the applicable provider directly before authorizing or finalizing the connection.

7.3. User-Authorized Integrations

Users may authorize integrations directly, through redirects, OAuth authorizations, API authorizations, provider pop-ups, credentials, connected accounts, embedded workflows, or other authorization methods.

The scope, availability, accuracy, frequency, retention, or categories of information provided through integrations may depend on permissions granted, provider settings, provider APIs, provider capabilities, products enabled, user configurations, provider policies, and related operational or technical factors.

7.4. Provider Changes and Availability

Provider APIs, integrations, permissions, products, and available data fields may change over time without notice. Certain integrations or connected services may become unavailable, restricted, modified, interrupted, discontinued, or otherwise altered by the applicable provider.

7.5. Examples of Providers and Technologies

Examples of Third-Party Providers, analytics providers, customer-support providers, communications providers, CRM providers, onboarding providers, accounting providers, document-management providers, e-signature providers, email outreach providers, email-deliverability providers, AI providers, automation providers, and related technologies used in connection with the Services may include HubSpot, Inspectlet, Tawk.to, Google Analytics, Userflow, Median Cobrowse, Zoho CRM, LinkedIn advertising tools, Intuit QuickBooks, Xero, BoldSign, DocuSign, lemlist, lemwarm, Plaid, Equifax, CreditSafe, OpenAI, Anthropic Claude, Google Gemini, Microsoft Copilot, Roboflow, and similar providers, technologies, and services.

LX may add, remove, replace, or modify providers and technologies from time to time without notice.

8. Cookies, Tracking Technologies, Analytics, and Communications

8.1. Cookies and Similar Technologies

By using the Services, enabling permissions, connecting integrations, authorizing accounts, inviting users, participating through partner programs, utilizing white-labeled offerings, downloading the LX Driver App, or otherwise interacting with the Services, users acknowledge and consent to the collection, processing, disclosure, transfer, and operational use of information as described in this Privacy Policy to the extent permitted by law.

LX and its providers may use cookies, local storage, pixels, web beacons, analytics technologies, session replay technologies, device identifiers, application telemetry, tracking technologies, software development kits ("SDKs"), where used, and similar technologies in connection with the Services.

Such technologies may be used for authentication, security, fraud prevention, performance monitoring, functionality, analytics, troubleshooting, user support, communications, service improvement, operational intelligence, and related purposes.

Cookies and similar technologies used by LX may include authentication cookies, security cookies, session cookies, analytics cookies, and preference cookies.

8.2. Information Collected Through These Technologies

LX may collect browser information, device information, session information, usage information, interaction information, application telemetry, approximate location information, precise location information, diagnostic information, performance information, and related technical or analytics information.

LX may use session replay or interaction-monitoring technologies to better understand user interactions, improve functionality, support troubleshooting, improve user experience, support fraud prevention, maintain platform performance, and support security and operational objectives.

LX may use analytics, session replay, customer-support, communications, CRM, onboarding, advertising, and related technologies, including certain providers and technologies identified in Section 7.5, which may collect, process, analyze, or facilitate the collection of information as described in this Privacy Policy.

8.3. LX Driver App Location Information

The LX Driver App may collect precise and background location information, including when the application is not actively open or in use, subject to user permissions, operating-system settings, device settings, application settings, and applicable law.

Users may be able to revoke mobile-app permissions, disable tracking features, disconnect integrations, or otherwise exercise available controls through device settings, application settings, portal settings, or other methods made available through the Services.

8.4. Communications and Notification Preferences

Users may receive account notifications, transactional communications, support communications, servicing communications, onboarding communications, operational alerts, compliance communications, sales communications, promotional communications, SMS/text messages, emails, phone calls, and related communications from LX or parties operating in connection with the Services.

Users may manage many notification settings directly through the Services, including communication channels, notification categories, preferences, and operational settings.

Users may also be able to disable cookies, unsubscribe from certain communications, modify preferences, or otherwise exercise available controls.

9. Retention, Security, and Data Management

9.1. Retention

LX retains information for as long as reasonably necessary to provide the Services, maintain accounts, comply with legal obligations, preserve operational records, resolve disputes, enforce agreements, prevent fraud, support underwriting and risk management, maintain security, and operate the platform.

Following account closure, disconnection, termination, or inactivity, LX may continue to retain transaction records, communications, telematics information, underwriting records, risk records, compliance records, logs, backups, archives, fraud records, servicing records, and related information for legal, compliance, operational, security, analytics, evidentiary, or business purposes.

9.2. Security Safeguards and User Responsibilities

LX implements commercially reasonable administrative, technical, organizational, and physical safeguards designed to protect information from unauthorized access, use, disclosure, alteration, or destruction.

Such safeguards may include, where implemented or appropriate, authentication systems, access controls, role-based permissions, administrative safeguards, operational safeguards, vendor-management controls, secure hosting measures, backups, monitoring, fraud-prevention measures, and related security practices.

Users are responsible for protecting credentials, securing devices, managing permissions, managing authorized users, safeguarding connected accounts, and promptly reporting suspected unauthorized access or suspicious activity.

No method of transmission, storage, or security is completely secure, and LX cannot guarantee absolute security.

9.3. Deletion Requests, Backups, and Security Incidents

LX may deny deletion requests or retain information where retention is necessary or permitted for legal compliance, dispute resolution, fraud prevention, underwriting, collections, transaction history, accounting obligations, security, enforcement, operational continuity, evidentiary preservation, or other legitimate business purposes.

Deleted information may remain temporarily within backups, archives, disaster-recovery systems, logs, compliance systems, or related operational systems.

LX may investigate incidents, preserve evidence, retain logs, cooperate with law enforcement or regulators, suspend services, take protective actions, and notify affected parties where required by law.

10. Sensitive Personal Information

LX may collect, receive, process, store, analyze, disclose, and otherwise use Sensitive Personal Information for legitimate business, operational, underwriting, servicing, fraud-prevention, compliance, security, analytics, legal, and related purposes.

Sensitive Personal Information may be used to verify identity, evaluate applications, support underwriting and re-underwriting activities, facilitate transactions, manage integrations, prevent fraud, comply with legal obligations, enforce agreements, support security measures, investigate activity, manage risk, provide the Services, and support related operational functions.

LX limits access to Sensitive Personal Information to personnel, service providers, counterparties, vendors, and other authorized parties with a legitimate business, operational, legal, compliance, underwriting, servicing, security, or fraud-prevention need to access such information.

LX does not use Sensitive Personal Information to infer characteristics about individuals beyond the purposes described in this Privacy Policy except where otherwise permitted by applicable law.

Sensitive Personal Information may be retained, disclosed, transferred, and processed as necessary to provide the Services, comply with legal obligations, support underwriting and risk-management activities, prevent fraud, maintain security, enforce agreements, and support legitimate business operations.

11. Automated Decision-Making, Analytics, and AI Systems

LX may use automated systems, analytics systems, artificial intelligence ("AI"), machine learning, document-processing technologies, optical character recognition ("OCR"), fraud-detection systems, underwriting systems, telematics analysis, predictive analytics, operational intelligence systems, and related technologies in connection with the Services.

These systems may assist in underwriting, re-underwriting, account review, transaction review, fraud prevention, risk management, compliance monitoring, route and lane analysis, telematics analysis, operational verification, document review, service optimization, transaction monitoring, collections activities, analytics, and related operational decisions.

LX may use information, including documents, telematics information, transaction information, account information, operational information, and related data, to support automated workflows, analytics, platform functionality, fraud-prevention activities, operational intelligence, and service improvements.

Automated systems may be used independently or in conjunction with human review. Human review may occur before, during, or after automated processes where LX determines such review is appropriate or necessary.

Nothing in this Privacy Policy obligates LX to provide human review of any particular activity, decision, process, transaction, underwriting determination, fraud assessment, operational analysis, or related action unless otherwise required by applicable law.

12. Children's Privacy

The Services are intended solely for business and commercial use and are not directed toward children.

LX does not knowingly collect Personal Information directly from individuals under the age of eighteen (18). If LX becomes aware that Personal Information has been collected from a child in violation of applicable law, LX may take steps to delete such information and take any other action deemed appropriate.

Parents, guardians, or other individuals who believe that a child may have provided information to LX should contact LX using the contact information provided in this Privacy Policy.

13. International Transfers

LX may process, access, transfer, disclose, store, analyze, and otherwise handle information in the United States and other jurisdictions where LX, its affiliates, service providers, contractors, vendors, consultants, support personnel, software-development providers, business-process providers, financial institutions, or related operational partners conduct business.

Information may be transferred to, accessed from, or processed in jurisdictions whose data-protection laws differ from those of the jurisdiction in which the information was originally collected.

Users understand and acknowledge that LX may utilize personnel, vendors, contractors, consultants, support providers, software-development providers, operational providers, and related service providers located outside the United States, including in jurisdictions throughout North America, South America, Europe, Asia, and other regions.

Where required by law, users consent to such transfers, disclosures, processing activities, storage activities, access activities, and related international handling of information.

Authorized personnel, contractors, developers, consultants, service providers, and operational support providers located in the United States, Austria, Armenia, Colombia, and other jurisdictions may access information as reasonably necessary to provide, support, maintain, secure, develop, or operate the Services, subject to contractual, confidentiality, legal, operational, and security restrictions.

14. European Economic Area, United Kingdom, and Other International Users

LX's Services are primarily intended for businesses operating in the United States. However, users located outside the United States may access, use, or otherwise interact with the Services.

Where applicable law requires, LX may process Personal Information based on one or more lawful bases, including:

  • performance of a contract;
  • compliance with legal obligations;
  • legitimate business interests;
  • protection against fraud, abuse, security threats, and unauthorized activity;
  • establishment, exercise, or defense of legal claims; and
  • consent where required by applicable law.

Individuals located in the European Economic Area ("EEA"), United Kingdom ("UK"), or other jurisdictions with similar privacy laws may have rights relating to access, correction, deletion, restriction, portability, objection, withdrawal of consent, and other rights available under applicable law.

The availability and scope of such rights may depend on applicable law, LX's role with respect to the information, the nature of the information involved, and other relevant factors.

Requests relating to such rights may be submitted using the contact information identified in this Privacy Policy.

LX may transfer, process, access, store, and otherwise handle information internationally as described in this Privacy Policy.

15. Changes to This Privacy Policy

LX may revise, modify, supplement, or update this Privacy Policy from time to time.

Changes may occur for a variety of reasons, including changes to applicable law, regulatory requirements, business practices, operational practices, products, services, integrations, technologies, vendors, counterparties, security practices, or platform functionality.

Unless otherwise stated, changes become effective upon posting or publication by LX.

LX may communicate changes through the website, portal, mobile application, email, SMS, in-product notifications, account notices, or other communications.

Continued use of the Services following the effective date of an updated Privacy Policy constitutes acknowledgment of the updated Privacy Policy to the extent permitted by applicable law.

16. Privacy Requests & Contact Information

Users with questions regarding this Privacy Policy, privacy practices, data-handling practices, or privacy-related requests may contact LX using the information below:

Load Connex LLC
2940 N. Hollywood Way
Burbank, CA 91505
(888) 451-6888
info@LoadConnex.com
LoadConnex.com

LX may require identity verification, authority verification, account verification, or additional information before responding to privacy-related requests.

17. California Privacy Disclosures and Notice at Collection

This California Notice at Collection supplements the Privacy Policy and applies to California residents to the extent required by the California Consumer Privacy Act ("CCPA") and California Privacy Rights Act ("CPRA").

LX collects Personal Information and Sensitive Personal Information in connection with providing, operating, maintaining, supporting, securing, financing, underwriting, improving, and delivering the Services.

The categories of information collected, sources of information, business purposes for collection, categories of recipients, retention practices, and related disclosures are described throughout this Privacy Policy.

LX does not sell Personal Information for monetary compensation.

LX may disclose, share, transfer, or otherwise make information available to service providers, contractors, financial institutions, factoring companies, brokers, counterparties, integrations, vendors, affiliates, successors, and other authorized parties as described in this Privacy Policy.

LX retains information for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, comply with legal obligations, maintain operational records, support underwriting and risk-management activities, resolve disputes, enforce agreements, maintain security, prevent fraud, and support legitimate business operations.

17.1. Categories of Personal Information Collected

Depending on the Services used, products enabled, integrations connected, permissions granted, and counterparties involved, LX may collect, receive, process, or otherwise handle the following categories of Personal Information and Sensitive Personal Information:

Category of Personal InformationExamples
IdentifiersName, address, email address, phone number, account identifiers, online identifiers, IP address
Customer Records InformationBusiness information, ownership information, guarantor information, insurance information, account information
Protected Classification InformationDate of birth and other information protected under applicable law when provided to LX
Commercial InformationTransactions, purchases, fuel activity, payment activity, account activity, services used
Internet or Network Activity InformationWebsite activity, portal activity, device information, analytics information, usage information
Geolocation InformationGPS data, telematics data, vehicle location information, precise and background location information
Professional or Employment InformationDriver information, fleet information, employment-related information, FMCSA-related information
Audio, Electronic, Visual, or Similar InformationCommunications, support records, chat records, call records, uploaded documents
InferencesRisk assessments, fraud-prevention indicators, underwriting-related analytics, operational analytics
Sensitive Personal InformationSSNs, government-issued identifiers, driver's license and CDL information, financial account information, account credentials, precise geolocation information, and consumer-report information.

17.2. Categories of Recipients

LX may disclose Personal Information and Sensitive Personal Information to the following categories of recipients for business, commercial, operational, servicing, underwriting, compliance, security, analytics, and related purposes:

Categories of RecipientsExamples
Service Providers and ContractorsHosting providers, communications providers, CRM providers, analytics providers, support providers
Financial Institutions and Connectivity ProvidersBanks, Plaid, payment providers, financial-service providers
Factoring Companies and Related ProvidersFactoring companies, factoring software providers, factoring-related service providers
Brokers, Shippers, and Commercial CounterpartiesBrokers, shippers, customers, operational participants, commercial counterparties
Fuel Networks and Payment NetworksFuel merchants, fuel networks, card issuers, card networks, payment rails
Telematics and Technology ProvidersELD providers, telematics providers, fleet-management providers, integration providers
Consumer Reporting, Underwriting, and Risk ProvidersEquifax, CreditSafe, consumer reporting agencies, commercial credit bureaus, underwriting providers, fraud-prevention providers, identity-verification providers, and compliance providers
Professional AdvisorsAttorneys, auditors, consultants, insurers
Government and Regulatory AuthoritiesRegulators, courts, law enforcement, government agencies
Corporate Transaction ParticipantsBuyers, investors, lenders, acquirers, successors, financing counterparties

17.3. Sale and Sharing of Personal Information

LX does not sell Personal Information for monetary compensation. LX may disclose, share, transfer, or otherwise make Personal Information available to service providers, contractors, affiliates, successors, financial institutions, counterparties, integrations, vendors, analytics providers, communications providers, and other authorized parties as described in this Privacy Policy for business, commercial, operational, servicing, underwriting, security, compliance, analytics, fraud-prevention, risk-management, and related purposes.

LX does not knowingly sell Personal Information in exchange for monetary consideration. Certain disclosures involving analytics, advertising, communications, integration, or similar technologies may constitute "sharing" under applicable law. Any such disclosures are subject to the terms of this Privacy Policy and applicable law.

18. U.S. State Privacy Rights Addendum

This U.S. State Privacy Rights Addendum supplements the Privacy Policy and applies to residents of states whose privacy laws provide rights relating to Personal Information, including, where applicable, California, Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, Virginia, and any other jurisdiction that may adopt similar privacy legislation.

These laws may include, among others, the California Consumer Privacy Act ("CCPA"), as amended by the California Privacy Rights Act ("CPRA"), the Virginia Consumer Data Protection Act ("VCDPA"), the Colorado Privacy Act ("CPA"), the Connecticut Data Privacy Act ("CTDPA"), the Texas Data Privacy and Security Act ("TDPSA"), the Oregon Consumer Privacy Act ("OCPA"), the Montana Consumer Data Privacy Act ("MCDPA"), the Delaware Personal Data Privacy Act ("DPDPA"), the Nebraska Data Privacy Act ("NDPA"), the New Hampshire Privacy Act ("NHPA"), the New Jersey Data Privacy Act ("NJDPA"), the Indiana Consumer Data Protection Act ("ICDPA"), the Iowa Consumer Data Protection Act ("ICDPA"), the Tennessee Information Protection Act ("TIPA"), the Utah Consumer Privacy Act ("UCPA"), and similar state privacy laws.

The availability, scope, and applicability of the rights described below may vary depending on the user's state of residence, applicable law, the nature of the information involved, and LX's role with respect to the information.

In certain circumstances, applicable law may provide exemptions, limitations, or exceptions relating to business-to-business communications, commercial transactions, financial-services activities, consumer-reporting activities, fraud-prevention activities, underwriting activities, legal-compliance activities, or other categories of information or processing activities.

Nothing in this Addendum shall be construed as an admission that any particular state privacy law applies to LX, any specific processing activity, or any particular category of information in all circumstances.

18.1. Privacy Rights

Subject to applicable law, users may have rights including:

  • the right to know whether LX processes Personal Information;
  • the right to access Personal Information;
  • the right to obtain information regarding categories of Personal Information collected, used, disclosed, or processed;
  • the right to correct inaccurate Personal Information;
  • the right to request deletion of certain Personal Information;
  • the right to obtain a portable copy of certain Personal Information;
  • the right to opt out of certain forms of targeted advertising, profiling, sales, or sharing of Personal Information where required by law;
  • the right to limit certain uses of Sensitive Personal Information where applicable;
  • the right to appeal certain decisions relating to privacy requests; and
  • any additional rights available under applicable law.

These rights are not absolute and may be subject to limitations, exceptions, exemptions, verification requirements, legal obligations, security requirements, fraud-prevention considerations, operational requirements, contractual obligations, evidentiary-preservation requirements, and other lawful restrictions.

18.2. Exercising Privacy Rights

Users may submit privacy-related requests by:

LX may require identity verification, authority verification, account verification, or additional information before responding to requests.

LX may deny requests that cannot be adequately verified, are fraudulent, abusive, excessive, repetitive, prohibited by law, interfere with the rights of others, compromise security, or otherwise qualify for an exemption or exception under applicable law.

18.3. Authorized Agents

Where permitted by law, users may designate an authorized agent to submit privacy requests on their behalf.

LX may require proof of authorization, proof of identity, additional verification, or direct confirmation from the user before processing requests submitted by an authorized agent.

18.4. Appeals

Where required by applicable law, users whose requests are denied may submit an appeal using the contact methods identified in this Privacy Policy.

LX may require additional verification or information in connection with an appeal.

If an appeal is denied, users may have the right to contact or file a complaint with the applicable state regulatory authority or attorney general where permitted by law.

18.5. Non-Discrimination

LX will not unlawfully discriminate against individuals for exercising privacy rights provided under applicable law.

However, LX may continue to provide different services, features, pricing, programs, benefits, products, or offerings where such differences are permitted by law and are reasonably related to the value provided, operational requirements, underwriting considerations, risk considerations, fraud-prevention measures, contractual obligations, or other legitimate business purposes.

18.6. Global Privacy Control (GPC)

Certain web browsers and browser extensions may offer Global Privacy Control ("GPC") signals intended to communicate privacy preferences. LX recognizes qualifying browser-based opt-out preference signals, including Global Privacy Control signals, where required by applicable law and technically feasible.

The operation, effectiveness, scope, availability, and interpretation of GPC signals may depend on browser settings, device settings, technical limitations, applicable law, platform functionality, and other factors. Users who wish to exercise privacy rights or submit privacy-related requests may also do so using the methods described in this Privacy Policy.