ZIPLY FLEET - Privacy Policy

How we collect, use, and protect your information

Last Updated: April 3, 2026. At Ziply Fleet, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our fleet management platform at ziplyfleet.com and related services. By using the Service, you consent to the practices described in this policy.

1

Information We Collect

Account Information

When you create an account, we collect:

  • Name, email address, and phone number
  • Company name and job title
  • Account credentials (passwords are hashed and never stored in plain text)
  • USDOT number and MC number

Fleet and Operational Data

As you use the platform, we collect and store:

  • Driver records (personal information, CDL details, employment history, qualification files)
  • Vehicle information (unit numbers, VIN, registration, inspection records)
  • Load and dispatch records
  • Settlement and timesheet data
  • Maintenance and service logs

ELD and Hours of Service Data

When you connect an ELD provider (such as Samsara, Motive, or Geotab), we receive:

  • Hours of Service (HOS) logs and status
  • GPS location data
  • Driver Vehicle Inspection Reports (DVIRs)
  • Engine diagnostics and fault codes

Payment Information

Payment processing is handled by Stripe. We do not store credit card numbers, bank account numbers, or full payment credentials on our servers. Stripe may collect and store payment information in accordance with their own privacy policy.

Usage Data

We automatically collect:

  • Login times and session duration
  • Pages visited and features used within the dashboard
  • IP addresses and approximate geographic location
  • Browser type and device information

Driver Application Data

Through our driver application forms, we may collect:

  • Employment history and references
  • CDL information and endorsements
  • Last four digits of Social Security Number (for verification purposes only)
  • Motor vehicle records (MVR) and accident history

Documents and Signatures

We store uploaded files including driver documents, vehicle documents, carrier documents, insurance certificates, and electronic signatures collected in compliance with the ESIGN Act.

2

How We Use Your Information

We use the information we collect for the following purposes:

  • Provide and operate the Service: To deliver fleet management, dispatch, compliance, and all core platform features
  • Process billing: To manage subscriptions and process payments through Stripe
  • Send notifications: To deliver transactional emails (password resets, OTP codes, document alerts) and service updates
  • FMCSA compliance: To support safety monitoring, driver qualification file management, and regulatory compliance features
  • Customer support: To respond to your inquiries, troubleshoot issues, and provide technical assistance
  • Analytics and improvement: To monitor platform performance, identify usage trends, and improve the Service
  • Security: To detect and prevent fraud, unauthorized access, and other security threats
3

How We Share Your Information

We share your information only with the following categories of third parties, and only as necessary to operate the Service:

  • Database & Authentication Provider: Your data is hosted on secure, industry-standard cloud infrastructure with encryption at rest and in transit.
  • Payment Processor: We use a trusted third-party payment processor to handle subscription billing. Payment information is processed securely and never stored on our servers.
  • FMCSA: When you use compliance features, we may query the FMCSA SAFER system using publicly available carrier data (USDOT number, MC number).
  • ELD Providers: When you configure an ELD integration, data is exchanged between our platform and the provider you select. This integration is initiated and controlled by you.
  • Email Services: We use email services to deliver transactional messages such as password resets, verification codes, and document notifications.

We do NOT sell your personal data. We do not share your information with advertisers or data brokers. We do not use your data for targeted advertising.

We may also disclose your information if required by law, court order, or government request, or if we believe disclosure is necessary to protect the rights, property, or safety of Ziply Fleet, our users, or the public.

4

Data Retention

  • Active accounts: Your data is retained for as long as your account is active and your subscription is in good standing.
  • Cancelled accounts: After cancellation, your data is retained for 30 days to allow for data export or account reactivation. After 30 days, your data is permanently deleted from our systems.
  • Legal requirements: Certain records may be retained longer if required by law or regulation. For example, FMCSA compliance records (driver qualification files, accident registers, HOS records) may be retained for 3 or more years per federal requirements.
  • Backup systems: Data may persist in encrypted backups for a limited period after deletion from primary systems as part of our disaster recovery processes.
5

Data Security

We implement industry-standard security measures to protect your data:

  • Data encryption: All data transmitted between your device and our servers is encrypted using industry-standard encryption protocols. Data stored on our servers is also encrypted at rest.
  • Secure database connections: All connections to our database are encrypted and authenticated.
  • Role-based access control: Access to data within your organization is restricted based on user roles (Super Admin, Admin, Dispatcher, Driver Manager, Viewer).
  • Company data isolation: Your company's data is completely separated from other companies on our platform. No cross-company data access is possible.
  • Two-factor authentication: We support optional two-factor authentication for added account security. Passwords are stored using industry-standard one-way hashing.
  • Abuse prevention: Our systems include protections against brute-force attacks and unauthorized access attempts.
  • Regular security updates: We regularly update our platform and infrastructure to address known security vulnerabilities.

While we take reasonable measures to protect your data, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.

6

Data Breach Notification

In the event of a data breach that affects your personal information, we will:

  • Notify affected users via email within 72 hours of discovering the breach
  • Provide details about the nature of the breach, the data affected, and the steps we are taking to address it
  • Cooperate fully with relevant authorities and regulatory bodies as required by applicable law
7

Your Rights

You have the following rights regarding your personal information:

  • Access: You may request a copy of the personal data we hold about you and your organization.
  • Export: You may export your data at any time through the platform or by contacting support. Upon account cancellation, data export is available for 30 days.
  • Deletion: You may request deletion of your personal data, subject to legal retention requirements (such as FMCSA compliance records that must be retained for federally mandated periods).
  • Correction: You may update or correct your personal information through your account settings or by contacting us.
  • Marketing opt-out: You may opt out of marketing communications at any time. Transactional emails (password resets, security alerts) cannot be opted out of while your account is active.

California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including:

  • The right to know what personal information we collect and how it is used
  • The right to request deletion of your personal information
  • The right to opt out of the sale of personal information (we do not sell personal information)
  • The right to non-discrimination for exercising your CCPA rights

European Users (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR), including:

  • The right to access, rectify, or erase your personal data
  • The right to restrict or object to processing of your personal data
  • The right to data portability
  • The right to withdraw consent at any time where processing is based on consent

Our legal basis for processing your data includes performance of a contract, compliance with legal obligations, and our legitimate interests in operating the Service.

To exercise any of these rights, contact us via our contact form at ziplyfleet.com/contact. We will respond to all requests within 30 days.

8

Driver GPS & Location Tracking

Ziply Fleet integrates with ELD providers that may collect GPS and location data from drivers. Important disclosures regarding location tracking:

  • Carriers (our customers) are responsible for obtaining proper consent from their drivers before enabling GPS or location tracking through ELD integrations.
  • Carriers must comply with all applicable state and federal laws regarding employee location monitoring.
  • Ziply Fleet does not independently track drivers outside of the ELD integrations configured and controlled by the carrier.
9

Cookies & Tracking

Ziply Fleet uses a minimal set of browser storage necessary to operate the Service:

  • Session tokens: We use secure session tokens stored in your browser to maintain your login session. These are essential for the Service to function.
  • UI preferences: We may store user interface preferences (such as theme, dashboard view, or sidebar state) locally in your browser.

We do not use third-party tracking cookies. We do not use advertising cookies or pixels. We do not participate in cross-site tracking or behavioral advertising networks.

For users in the EEA/UK: We use only essential cookies/storage required for the Service to function. No consent banner is required as we do not use non-essential cookies.

10

Children's Privacy

The Ziply Fleet platform is designed for use by businesses and their authorized employees. The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from anyone under 18 years of age.

If we become aware that we have collected personal information from a person under 18, we will take steps to delete that information promptly. If you believe we may have collected information from a minor, please contact us via our contact form at ziplyfleet.com/contact.

11

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will:

  • Provide at least 30 days' advance notice by email or through the Service
  • Update the "Last Updated" date at the top of this page
  • Post the revised policy on our website

Your continued use of the Service after the effective date of the revised Privacy Policy constitutes your acceptance of the changes. We encourage you to review this page periodically.

12

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Ziply Fleet
Contact: ziplyfleet.com/contact
Website: ziplyfleet.com

We will respond to all privacy-related inquiries within 30 days.