Privacy Policy of NDrivers
| Topic | Summary |
|---|---|
| Information Collected | Identifiers, contact details, ride details, payment metadata, device & network data, cookies and analytics. |
| Primary Uses | Provide and operate services, payment processing, customer communication, safety and fraud prevention, legal compliance. |
| Sharing | Service providers, legal requests, business transfers. No commercial sale of personal data. |
| Retention | Retained only as necessary for operational, tax, audit and legal obligations; anonymization or deletion thereafter. |
| Your Rights | Access, correction, deletion, portability, objection, and other rights under applicable law (GDPR, CCPA). |
1. Overview and Scope
This Privacy Policy (the “Policy”) describes the manner in which NDrivers (the “Company”, “we”, “us” or “our”) collects, stores, uses, discloses and otherwise processes personal information in connection with our website, mobile applications and related services (collectively, the “Services”). This Policy applies to individuals who interact with our Services, including riders, prospective riders, business contacts, and visitors to our websites (collectively, “you” or “Users”).
1.1 Legal Notice
The Policy is intended to describe our practices and rights in plain legal terms, but it does not create any contractual rights nor modify any pre-existing agreements you may have with the Company. For specific contractual terms governing the provision of services, please consult our Terms of Service and any booking confirmation or invoice issued to you.
2. Definitions
- Personal Information: any information that identifies, or can reasonably be used to identify, an individual, including but not limited to name, email address, telephone number, postal address, payment information and location data.
- Processing: any operation performed on Personal Information including collection, organization, storage, use, disclosure, erasure and other handling.
- Service Providers: third-party vendors and contractors engaged to provide operational or technical services on our behalf.
3. Categories of Information Collected
We collect the following categories of information from users, as described below. Collection may occur when you provide information directly, when you use the Services, or when information is automatically collected through the use of cookies and similar technologies.
3.1 Identifiers and Contact Information
Name, postal address, email address, telephone number, billing address, and payment instrument metadata (e.g., last four digits) necessary to process payments. We do not retain full card numbers on our servers — tokenized or third-party processors are used where applicable.
3.2 Ride-related Information
Pickup and drop-off locations, scheduling details, trip distance and duration, rider preferences, communications and notes associated with a booking, and feedback submitted by riders.
3.3 Technical & Device Data
IP address, browser type and version, operating system, device identifiers, mobile carrier, language, referral URL and other log data necessary for diagnostics, analytics and security.
3.4 Location Data
Precise or approximate geolocation information where you have enabled location services, collected to enable routing, provide ETAs and to facilitate pickup and drop-off operations.
3.5 Cookies and Tracking
Cookies, web beacons, pixels and similar tracking technologies for analytics, session management, fraud prevention and to remember preferences.
4. Purposes and Legal Bases for Processing
We process Personal Information for the following purposes, and where required by law, we rely on appropriate legal bases:
- Performance of Contract: processing necessary to provide the Services you request, to manage bookings, coordinate drivers and complete transactions.
- Legitimate Interests: improving and securing the Services, detecting fraud and abuse, network and information security, and business analytics. Where we rely on legitimate interests, we conduct balancing tests to ensure rights of individuals are respected.
- Legal Compliance: responding to lawful requests by public authorities and complying with legal obligations.
- Consent: where applicable, for optional marketing communications and certain cookies; you may withdraw consent where applicable.
5. Disclosure and Sharing
We do not sell personal information. We may disclose Personal Information in the following circumstances:
- Service Providers: authorized third parties who provide payment processing, email delivery, hosting, analytics, mapping, and other infrastructure services.
- Legal and Safety Reasons: to respond to lawful requests by public authorities, to defend or exercise legal rights, and to protect the safety of Users or the public.
- Business Transfers: in connection with a reorganization, merger, sale, financing or acquisition of all or a portion of our assets.
When we engage third parties, we use contractual safeguards to limit their use of data and require reasonable security protections.
6. Data Retention and Deletion
We retain Personal Information only for as long as is necessary to fulfill the purposes for which it was collected, subject to legal, tax and accounting requirements. Retention periods may vary by data category; for example:
- Trip records, receipts and billing information — typically retained for a period required by tax and accounting rules (commonly 3–7 years).
- Support communications and complaint records — retained as needed for dispute resolution and quality control (commonly 2–5 years).
- Backups and archived logs — retained in anonymized or limited form for operational continuity and security monitoring.
Upon request and subject to verification, we will delete Personal Information in accordance with applicable law and our internal procedures, unless retention is required by law or a legitimate business purpose.
7. Security Measures
We implement administrative, technical and physical safeguards commensurate with the sensitivity of the data, including encryption in transit, access controls, monitoring, vulnerability management and employee training. However, no system is completely immune to breach. If a security incident affects Personal Information we control, we will comply with applicable breach notification laws and notify affected individuals and authorities as required.
8. International Transfers
Personal Information may be processed and stored in jurisdictions other than your country of residence. Where required by law, we use safeguards such as standard contractual clauses, appropriate local legal mechanisms, or ensure processing occurs in jurisdictions with adequate protections.
9. Third-Party Services and Links
Our Services may interoperate with third-party services (e.g., mapping, payment processors, analytics providers). Those services have independent privacy policies and practices. We are not responsible for the processing activities of such third parties. You should review their policies before providing personal information.
10. Your Rights; How to Exercise Them
Subject to applicable law, you may have the right to:
- Request access to Personal Information we hold about you.
- Request correction or updating of inaccurate or incomplete Personal Information.
- Request deletion of Personal Information (subject to legal exceptions).
- Object to or restrict certain processing activities.
- Request portability of Personal Information in a commonly used machine-readable format.
To exercise your rights, contact us at the address below. We will require reasonable verification of identity before fulfilling requests. Some requests may be denied where lawfully permitted (for example, to preserve records for legal compliance or to prevent fraud).
11. California Privacy Rights (CCPA/CPRA)
If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including the right to know, delete, and opt-out of sale or sharing of personal information. We do not sell your personal information. To submit a request under California law, please contact us as described below.
12. European Residents (GDPR)
Where the GDPR applies, you may request access, rectification, erasure, restriction of processing or portability. Where processing is based on consent, you may withdraw consent at any time. For legal bases relying on legitimate interests, we will balance those interests against your rights. You may lodge a complaint with a supervisory authority in your EU member state.
13. Automated Decision-Making and Profiling
We generally do not perform automated decision-making that produces legal or similarly significant effects. We may use automated systems to calculate estimated fares, recommended routes or arrival times; such processing is limited and intended to improve operational efficiency. If automated decisions materially affect you, we will provide information about the logic involved and your rights where required by law.
14. Children’s Privacy
The Services are not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we discover that we have inadvertently collected personal information from a child under 13, we will take steps to delete such information as soon as practicable.
15. Changes to this Policy
We may update this Policy from time to time to reflect changes to our practices, legal requirements, or service features. We will post a revised Policy with an updated effective date. Continued use of the Services after posting constitutes acceptance of the revised Policy.
16. Contact
For privacy inquiries, requests to exercise your rights, or other questions regarding this Policy, contact:
NDrivers
Email: info@ndrivers.com
Telephone: 949-696-6979
Address: NDrivers (mail correspondence), — (address on file)
This Policy is provided for informational purposes and does not constitute legal advice. For privacy law compliance tailored to your jurisdiction or specific business operations, consult qualified counsel.