Privacy Policy

1. Privacy Summary (The TL;DR Version)

Delivery Disruptor Incorporated ("we," "us," "our") connects customers with local restaurants, home-based food producers (where legal), and delivery drivers. This Privacy Policy explains how we collect, use, protect, and share your personal information when you use our platform. We wrote this in plain English because nobody has time for legal jargon.

2. Information We Collect

2.1 Information You Provide Directly

• Account Information: Name, email, phone number, password
• Profile Details: Delivery preferences, dietary restrictions, favorite restaurants
• Delivery Information: Street address, apartment/unit number, delivery instructions
• Payment Information: Credit/debit card details, billing address (processed securely by our payment partners)
• Communication Records: Customer service interactions, reviews, feedback

2.2 Driver-Specific Information

• Identity Verification: Driver's license, vehicle registration, insurance documents
• Background Check Data: Criminal history (as permitted by law), driving record
• Vehicle Information: Make, model, license plate, photos
• Tax Information: SSN or Tax ID for 1099 reporting

2.3 Food Partner Information

• Business Details: Name, address, contact information, relevant licenses or permits
• Menu & Pricing: Food items, descriptions, pricing, availability
• Financial Information: Bank account details for payment processing
• Food Safety: Health department certifications, home processor permits (where legal, such as New York)

2.4 Automatically Collected Information

• Location Data: Precise GPS coordinates (with permission) for delivery optimization
• Device Information: Device type, operating system, unique device identifiers
• Usage Analytics: App interactions, page views, search queries, time spent
• Technical Data: IP address, browser type, referring website, crash reports

3. How We Use Your Information

3.1 The Basics (Getting Food to You)

• Order Processing: Connecting you with local food partners and getting your order started
• Delivery Coordination: Finding available drivers, figuring out the best route
• Payment Processing: Handling the money stuff, paying drivers and food partners
• Customer Support: Helping when things go wrong, processing refunds, answering questions

3.2 Making Things Better

• Understanding Usage: Seeing how people use our platform so we can improve it
• Fraud Prevention: Catching bad actors trying to game the system
• Quality Monitoring: Tracking delivery times and customer satisfaction

3.3 Staying in Touch

• Order Updates: Confirmations, delivery updates, receipt emails
• Promotional Stuff: Special offers, new food partner announcements (you can opt out anytime)
• Important Updates: Policy changes, service issues, security alerts

4. When We Share Information

4.1 Essential Service Partners

• Payment Processors: Stripe, PayPal (for secure payment handling)
• Background Check Providers: For driver verification (drivers only)
• Cloud Hosting: AWS, Google Cloud (with strict data processing agreements)
• Customer Support Tools: Help desk software for resolving issues

4.2 Within Our Platform

• Food Partners: Customer order details, delivery address (we hide last names and keep addresses secure)
• Drivers: Customer first name, delivery address, order contents
• Customers: Driver first name, photo, vehicle details, real-time location during delivery

4.3 Legal Requirements

• Court orders, subpoenas, or other legal processes
• Investigating fraud, security issues, or Terms of Service violations
• Protecting safety of users or the public
• Tax reporting (1099s for drivers earning over $600/year)

4.4 Business Transfers

If we merge with or are acquired by another company, user information may be transferred as part of the transaction. We'll notify you of any such change.

5. Cookies & Tracking Technologies

5.1 How We Use Cookies

Right now, we keep it simple. We primarily use cookies to make your experience better:

• Essential Cookies: Keep you logged in, remember your cart, keep things secure
• Preference Cookies: Remember your delivery address, favorite restaurants, app settings
• Analytics Cookies: We may use tools like Google Analytics in the future to understand how to improve our service
• Marketing Cookies: We may add these later to show you relevant offers and track how well our ads work

5.2 Your Cookie Choices

You're in control. You can manage cookies through your browser settings, though turning off essential cookies might make some features wonky. As we grow, you'll also be able to:

• Opt out of analytics if we implement them
• Control marketing cookies through your account settings
• Contact us if you need help managing your cookie preferences

6. Data Security

6.1 Technical Safeguards

• Encryption: All data transmitted using TLS 1.3 encryption
• Database Security: Encrypted storage with access controls
• Network Protection: Firewalls, intrusion detection systems
• Regular Security Audits: Third-party penetration testing

6.2 Access Controls

• Multi-factor authentication for employee access
• Role-based permissions (employees only see data necessary for their job)
• Regular access reviews and employee security training

6.3 Incident Response

In the unlikely event of a data breach, we will:

1. Immediately secure the affected systems
2. Assess the scope and impact
3. Notify affected users within 72 hours
4. Report to relevant authorities as required by law
5. Provide credit monitoring services if sensitive data was compromised

7. Data Retention

7.1 Retention Periods

• Active Accounts: Data retained while account is active and for 3 years after last activity
• Transaction Records: 7 years (tax and legal compliance)
• Driver Background Checks: 3 years after driver relationship ends
• Marketing Communications: Until you unsubscribe or 5 years of inactivity
• Support Tickets: 2 years for quality assurance purposes

7.2 Deletion Process

When data is no longer needed, we:

• Securely delete personal identifiers
• Convert transactional data to anonymous analytics
• Maintain legal compliance records as required

8. Your Privacy Rights

8.1 Universal Rights

Regardless of your location, you have the right to:

• Access: Request a copy of your personal data
• Correction: Update inaccurate or incomplete information
• Deletion: Request deletion of your data (subject to legal requirements)
• Portability: Receive your data in a machine-readable format
• Opt-out: Unsubscribe from marketing communications

8.2 How to Exercise Your Rights

• In-App: Use account settings to update profile information
• Email: Contact [email protected]
• Response Time: We'll respond to requests within 30 days
• Verification: We may need to verify your identity before processing requests

9. State-Specific Privacy Rights

9.1 California Residents (CCPA/CPRA)

California residents have additional rights including:

• Right to Know: Detailed information about data collection and sharing
• Right to Delete: Request deletion of personal information
• Right to Opt-Out: Opt out of data sales (we don't sell data)
• Right to Non-Discrimination: Equal service regardless of privacy choices
• Right to Correct: Request correction of inaccurate data

9.2 Other State Laws

We comply with privacy laws in Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), and other states where applicable.

10. International Users

10.1 GDPR Compliance (EU/UK Users)

For European users, we provide additional protections including:

• Lawful basis for all data processing
• Right to object to processing
• Right to restrict processing
• Right to lodge complaints with supervisory authorities
• Data Protection Officer contact: [email protected]

10.2 Data Transfers

We use Standard Contractual Clauses approved by the European Commission for international data transfers.

11. Children's Privacy

If we discover that we've collected information from someone under 18, we will:

• Immediately delete the account and associated data
• Notify the user (if possible) about the account closure
• Implement additional safeguards to prevent future occurrences

12. Third-Party Services

12.1 Links to Other Websites

Our platform may contain links to food partner websites, social media, or other services. Just so you know, we're not responsible for how they handle your privacy.

12.2 Services We May Use

We currently integrate with or may add in the future:

• Google Maps: For location services (Google has their own privacy policy for this)
• Google Analytics: We may add this to better understand how people use our platform
• Social Media: If you choose to connect your social accounts
• Food Partner Systems: To process orders smoothly

13. Policy Updates

We may update this Privacy Policy to reflect:

• Changes in our services or business practices
• New legal requirements
• Enhanced security measures
• User feedback and suggestions

13.1 How We Notify You

• Major Changes: Email notification 30 days before implementation
• Minor Updates: In-app notification and updated "Last Modified" date
• Version History: Available upon request