TSD — Operator Privacy Notice & Consent
For: people who use the TSD app at work — pickers, warehouse workers, sales representatives, drivers, logistics staff, and administrators ("Operators", "you").
Effective date: 2026-06-27
This short notice explains what data the TSD app and its backend process about you when you use it for work, who is responsible, and your rights. It is provided under the Israeli Protection of Privacy Law, 5741‑1981 (as amended, including Amendment 13) and, where applicable, the GDPR. Plain-language summary first; the full details are in the Privacy Policy.
Who is responsible for your data
- Your employer (the company that gave you the device/login — the "Customer") is the controller of your work identity and the business data you handle in the app. Direct most requests (e.g. correcting your name or role) to your employer.
- Kadimasoft (Peter Gimpeliovsky) provides the app and backend, and is the controller of operational/technical data it collects to run and secure the service (telemetry, crash reports, security logs).
What we process about you
When you log in and use the app, the following data about you is processed:
- Your identity at work: your ERP username, your display name, and your roles and permissions (so the app shows you the right screens).
- Your device: a random device identifier, the device model, OS and app version, and the device's IP address — for security and support.
- Sign-in security: authentication tokens (kept encrypted on the device; on the server a refresh token is kept only as a hash so it can be revoked).
- What you do in the app (work activity): a log of significant actions you take (for example, picking a line, creating a delivery from an order, or a failed operation), with timestamps and the related document — for security, accountability, and troubleshooting.
- Performance metrics (aggregate): once a day the app sends technical metrics such as sync and scan latencies, success rates, and data volumes. These describe how the app and device perform, not the content of your work.
- Crash reports: if the app crashes, diagnostic data is sent to our crash provider to help us fix it.
- Telegram (only if you choose): if you connect the manager-helper bot, your Telegram chat id, username, and the messages you exchange with it are processed.
What we do not do: we do not track your location, we do not read your personal contacts, photos, or files, and barcode scanning happens on the device — camera images are not uploaded. The app is a work tool; it is not for covert monitoring of employees.
Why, and on what basis
We process this data to: let you sign in and work; keep the service and your employer's data secure; revoke access on a lost or stolen device; support you; and keep the app reliable. The legal basis is the performance of your employer's contract with us and our (and your employer's) legitimate interests in a secure, working service, and — for things like connecting Telegram — your consent, which you can withdraw at any time.
Who can see it
- Your employer can see your work identity and activity within the app, as the controller of that data.
- Kadimasoft sees technical and security data to run the service.
- Service providers that help us operate (hosting in Germany (EU); Google for push and crash reporting; Telegram if you connect it) — see the Privacy Policy §5. Some of these (Google) may process data outside Israel/the EEA under appropriate safeguards.
We do not sell your data.
How long we keep it
Authentication tokens are short-lived (refresh tokens expire after 90 days or when you log out). Technical telemetry, device records, and activity logs are kept for up to 24 months and then deleted or aggregated. Your work-identity records are kept while you are an authorised user of the app and removed when your employer off-boards you.
Your rights
You can ask to access, correct, or delete data about you, and to object to or restrict certain processing. Because your employer controls your work data, please send those requests to your employer first; for the technical/security data we control, contact us at kadimaonly@gmail.com. You can also complain to the Israeli Privacy Protection Authority (הרשות להגנת הפרטיות) or, in the EEA, your local supervisory authority.
Consent (acknowledgement)
I confirm that I have read and understood this Operator Privacy Notice. I understand that the TSD app processes my work identity, device and security data, and a log of my work activity for the purposes described, and that connecting the manager-helper bot via Telegram is optional and based on my consent.
Operator name: ____ Signature: ___ Date: _____
This consent/acknowledgement is provided by the employer (Customer) to the Operator. It supports — but does not replace — the employer's own duties under employee-privacy law to notify staff about monitoring at work. Employers should confirm with their own counsel whether separate, more detailed employee-monitoring consent is required for their workforce.