PRIVACY POLICY

iDispatch Solutions (“iDispatch,” “we,” “us,” or “our”) provides software and human-assisted dispatch services for transportation operators. This Privacy Policy explains what information we collect, how we use it, who we share it with, and the choices you have.

This policy covers our marketing website at idispatchsolutions.com, the iDispatch web application, APIs, integrations with third-party booking platforms, and any related services (together, the “Services”).

Information you provide

• Account data: name, email, phone number, password, company, role, and profile image.
• Organization data: company name, business type, address, logo, branding, contact details, and subscription tier.
• Operational data: trip records, driver assignments, vehicle information, routes, passenger details entered by dispatchers, fare breakdowns, and internal notes.
• Support data: tickets, messages, attachments, and any information you share when contacting us.
• Payment data: billing contact information (payment card details are handled by our payment processor and never stored on our servers).

Information collected automatically

• Device and log data: IP address, browser type, operating system, referring URL, pages viewed, and timestamps.
• Usage data: feature interactions, trip status transitions, sync activity, and audit events.
• Location data: approximate location derived from IP address and, where enabled by dispatchers, driver GPS coordinates used to power live dispatch.
• Cookies and similar technologies: described in our cookie banner and Section 7 below.

Information from third parties

When you connect a booking platform (for example a reservation system or aggregator), we receive trip data, customer details, and status updates from that platform through its API. We may also receive authentication data from single sign-on providers such as Google when you choose to sign in with them.

We process information to:

• Provide, maintain, and improve the Services, including live dispatch, trip assignment, and platform integrations.
• Authenticate users, manage sessions, and secure accounts.
• Send transactional emails such as verification codes, password resets, invitations, SLA warnings, and sync error alerts.
• Deliver customer support and respond to requests.
• Monitor performance, detect abuse, and prevent fraud or unauthorized access.
• Comply with legal obligations, enforce our terms, and protect our rights and those of our users.
• With your consent, send marketing communications and measure their effectiveness.

If you are located in the European Economic Area or the United Kingdom, we rely on the following legal bases under the GDPR:

• Contract: to provide the Services you or your organization have signed up for.
• Legitimate interests: to secure the Services, prevent abuse, analyze usage, and improve our platform, balanced against your rights and expectations.
• Consent: for non-essential cookies, direct marketing, and other purposes where consent is required. You can withdraw consent at any time.
• Legal obligation: to comply with laws and regulatory requirements.

We share personal information only as described below:

Within your organization

Dispatchers and administrators at your company can access data associated with your tenant, according to the roles configured by your organization owner.

Service providers

We use vetted sub-processors to operate the Services, including:

• Cloud hosting and database providers (e.g. Vercel, Neon).
• Authentication services.
• Transactional email delivery (e.g. Resend).
• Background job processing (e.g. Trigger.dev).
• Analytics and product telemetry tools (subject to cookie consent).
• Payment processors for billing.
• Customer support and communications tools.

Sub-processors are contractually required to protect personal data and use it only for the purposes we authorize. A current list is available on request.

Booking platforms

When you configure an integration, we exchange trip and status data with that platform. Their use of your data is governed by their own privacy policy.

Legal and safety

We may disclose information to comply with valid legal process, protect our rights or property, enforce our terms, or protect the safety of users or the public.

Business transfers

If iDispatch is involved in a merger, acquisition, or sale of assets, personal information may be transferred as part of that transaction, subject to standard confidentiality protections.

We keep personal data for as long as your account is active and for the period necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. Typical retention periods:

• Account and organization records: life of the account plus up to 2 years.
• Operational trip, driver, and audit data: up to 7 years (to meet common regulatory and insurance requirements in the transportation industry).
• Support tickets: 3 years after closure.
• Authentication logs: up to 12 months.
• Marketing preferences: until you opt out.

When data is no longer needed, we delete or anonymize it. Backups are purged on a rolling schedule.

We use cookies and similar technologies to keep the Services secure, remember preferences, measure usage, and, where permitted, support marketing. We group cookies into three categories:

• Strictly necessary: required for the site to function (authentication, load balancing, consent storage). These cannot be turned off.
• Analytics: help us understand how the site is used so we can improve it.
• Marketing: help us deliver relevant content and measure campaign effectiveness.

When you first visit our site we present a cookie banner. You can change your preferences at any time by clearing the idispatch-consent cookie or by contacting us. Most browsers also let you block or delete cookies directly.

Depending on where you live, you may have the following rights:

• Access the personal information we hold about you.
• Correct inaccurate or incomplete information.
• Delete personal information, subject to legal retention requirements.
• Restrict or object to certain processing.
• Request a portable copy of your data in a commonly used format.
• Withdraw consent you have given, without affecting the lawfulness of prior processing.
• Lodge a complaint with a data protection authority.

California residents have additional rights under the CCPA/CPRA, including the right to know the categories of personal information collected, the right to delete, the right to correct, and the right to opt out of sale or sharing of personal information. iDispatch does not sell personal information.

To exercise any of these rights, email privacy@idispatchsolutions.com. If your data is processed on behalf of a customer, we will forward your request to them.

We maintain administrative, technical, and physical safeguards designed to protect personal information, including encryption in transit and at rest, access controls, audit logs, and regular security reviews. Our platform is built on SOC 2-aligned infrastructure.

No method of transmission or storage is completely secure. If we become aware of a breach that affects your personal information, we will notify you and any applicable authorities as required by law.

iDispatch is headquartered in the United States and processes personal data there and in other regions where our sub-processors operate. When we transfer personal data outside your country, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses, the UK International Data Transfer Addendum, or equivalent mechanisms.

The Services are designed for business use by transportation companies and are not directed to children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us information, please contact us and we will delete it.

We may update this Privacy Policy from time to time. When we make material changes, we will revise the “Last updated” date and, where appropriate, notify you by email or in-app notice before the changes take effect.

If you have questions about this Privacy Policy or how we handle personal information, contact our privacy team:

• Email: privacy@idispatchsolutions.com
• Mail: iDispatch Solutions, Attn: Privacy, United States (full mailing address available on request).