Privacy Policy

Last updated: May 1, 2026

RideRoute ("we", "us", or "our") operates a multi-tenant Non-Emergency Medical Transportation (NEMT) management platform. This Privacy Policy explains how we collect, use, store, and protect information about our customers (NEMT operators), their end users (drivers, dispatchers, staff), and the patients whose trips are managed through our platform.

1. Introduction & Scope

This policy applies to all information processed through the RideRoute platform, including our web dashboard, mobile driver application, and associated APIs. It covers data submitted by our direct customers (the NEMT companies that subscribe to RideRoute) and the individuals who use the platform on their behalf.

RideRoute serves customers who transport patients to and from medical appointments. As a result, certain information processed on our platform may constitute Protected Health Information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA). See Section 4 for our HIPAA-specific obligations.

2. What We Collect

Account & Organization Information

When a customer signs up, we collect company name, administrator name, email address, and billing information. We use this to provision a dedicated tenant environment and process subscription payments.

Trip & Scheduling Data

Customers enter trip records including pickup/drop-off addresses, scheduled times, and patient identifiers. This data is stored exclusively within the customer's isolated tenant database and is not shared across tenant boundaries.

GPS & Location Data

Our driver mobile application collects real-time GPS coordinates when a driver is on an active trip. Location data is transmitted to RideRoute servers, stored in the customer's tenant database, and used solely to provide trip tracking and dispatch functionality. Drivers must grant location permission explicitly through the mobile OS permission prompt.

Payment Information

Subscription billing is handled by Stripe. RideRoute does not store raw credit card numbers, CVVs, or full card details. We receive a tokenized payment method reference from Stripe, which we store solely to manage subscription billing events. Stripe's own privacy policy governs how Stripe handles payment data.

Usage & Technical Data

We collect standard server logs (IP addresses, browser user agents, timestamps) for security monitoring, debugging, and platform reliability purposes.

3. How We Store & Protect Your Data

  • Database-per-tenant isolation: Each customer's business data lives in a dedicated PostgreSQL database. No cross-tenant data access is possible through the application layer.
  • Encryption in transit: All data transmitted between clients and RideRoute servers is encrypted via TLS 1.2 or higher.
  • Encryption at rest: Tenant databases are stored on encrypted volumes. Backup snapshots are also encrypted.
  • Access controls: Role-based access control (RBAC) restricts what each user can see within their tenant. Employees of RideRoute with infrastructure access are subject to access reviews and principle-of-least-privilege policies.
  • Incident response: We maintain an incident response plan. In the event of a confirmed data breach affecting customer data, we will notify affected customers as required by applicable law.

4. HIPAA & Protected Health Information

Our customers — NEMT operators — are typically Covered Entities or Business Associates under HIPAA. When our customers store patient trip information (including names, addresses, and appointment details that may constitute PHI) in RideRoute, RideRoute acts as a Business Associate with respect to that PHI.

We are prepared to enter into a Business Associate Agreement (BAA) with customers who require one. To request a BAA, contact us at privacy@rideroute.app. ⚠️ TBD: Actual BAA document must be drafted and reviewed by qualified healthcare counsel before this offer can be honored.

PHI processed on behalf of a customer is stored exclusively within that customer's isolated tenant database. We do not use PHI for advertising, model training, or any purpose beyond providing the contracted services.

5. Data Retention

Pennsylvania NEMT providers are generally required to retain transportation records for a minimum of 7 years. RideRoute's default data retention policy is aligned with this requirement: customer trip data is retained for 7 years from the date of the trip unless a customer requests earlier deletion (subject to applicable legal obligations).

Records deleted through the RideRoute dashboard are soft-deleted — they are marked inactive but not immediately removed from the database. Permanent purge from backups occurs on a rolling schedule.

When a customer account is terminated, we retain tenant data for 30 days to allow for data export, after which the tenant database is scheduled for deletion. ⚠️ TBD: Actual post-termination offboarding window must be confirmed against the implemented offboarding flow.

6. Your Rights & Data Requests

Depending on your jurisdiction, you may have rights to access, correct, or request deletion of your personal data. If you are an end user of a RideRoute customer (e.g., a driver or dispatcher), please contact your organization's administrator first, as they control your account data.

To submit a data access, correction, or deletion request directly to RideRoute, email privacy@rideroute.app. We will respond within 30 days. ⚠️ TBD: This address needs a monitored inbox configured before launch.

7. Cookies & Analytics

RideRoute uses session cookies to maintain authenticated sessions in the web dashboard. These cookies are strictly necessary for platform functionality and do not track users across third-party sites.

⚠️ TBD: Analytics tooling has not been finalized. This section must be updated to accurately disclose any analytics or tracking scripts (e.g., Segment, PostHog, Google Analytics) before launch. If any analytics are added, a cookie banner may be required.

8. Third-Party Services

  • Stripe — payment processing for subscriptions. Stripe receives billing contact name and payment card details. Governed by Stripe's Privacy Policy.
  • We do not sell, rent, or share personal data with advertising networks or data brokers.
  • We will disclose data if required by law, court order, or to protect the safety of our users or the public.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify account administrators by email at least 30 days before the changes take effect, and we will update the "Last updated" date at the top of this page. Continued use of the platform after the effective date constitutes acceptance of the revised policy.

10. Contact Us

For privacy-related inquiries, data requests, or BAA requests, please email privacy@rideroute.app.