top of page
Man Using Smartphone

Privacy Statement

Contents

  • Introduction

  • Information We Collect

  • How We Use Information

  • Service Providers & Sharing

  • Data Retention

  • Children’s Privacy

  • Use of the DriverAI services

  • When and how we share information with third parties

  • Transferring personal data to the U.S.

  • Data Subject rights

  • Security of your information

  • Data storage and retention

  • Questions, concerns, or complaints 

1) Introduction

This Privacy Policy explains how we collect, use, share, and protect information when you use ZipE (the “App”) and related services (the “Services”). By using the App or the Services, you agree to the practices described in this Policy.

2) Information We Collect

We collect information in the following categories, depending on how you use the App and Services and the features you enable.

 

A. Account & Identity Data

We may collect the following information to create, manage, and secure your account:

  • Email Address – Used for account creation, login, customer support, and service notifications

  • Phone Number (Multi-Factor Authentication) – Used to send one-time passcodes where multi-factor authentication is enabled

  • Social Login Data – When you choose to sign in through a third-party provider, we receive a unique user identifier and basic profile information (such as name, email address, and profile photo), subject to your provider’s settings

  • Location Data – Used to deliver location-based features and customize shopping experiences

  • Camera Data – Used to support environmental mapping and enhance personalized shopping and navigation experiences

​​

B. App Activity & Usage Data

We collect information about how you interact with the App and Services, including:

  • Usage Events – Such as feature usage, session duration, and interaction patterns, used to operate, troubleshoot, and improve the Services

  • User Preferences and Settings – Information you configure within the App to personalize your experience

 

C. Device & Log Data (Diagnostics)

We collect technical and diagnostic information to maintain system security and performance, including:

  • Device Information – Device model, operating system version, and App version

  • Device Identifiers – Identifiers provided by your operating system or device

  • Log Data – IP address, timestamps, error reports, crash data, and diagnostic records

​

D. Content You Provide

We collect information you voluntarily submit through your use of the Services, including:

  • User Communications – Information submitted through forms, feedback tools, messages, or customer support requests

  • Optional Feature Data – If you enable features requiring device permissions (such as camera access), we request your consent at the time of use and use this data only to provide the related functionality and customized shopping experiences

If you decline optional permissions, certain features may function with reduced accuracy or limited capability.

 

E. Information from Third-Party Sources

From time to time, DriverAI may receive personal information from third-party sources, including:

  • Business partners

  • Marketing and analytics providers

  • Publicly available sources such as professional networking platforms (e.g., LinkedIn)

  • This information typically includes additional details about an individual’s employer, role, industry, or professional background and is used to enhance our services and business communications.

3) How We Use Information

We use information to:

  • Provide and operate the App (account creation, authentication, MFA, core functionality)

  • Secure the Services (fraud prevention, abuse detection, account security)

  • Communicate with you (service messages, support responses, important updates)

  • Improve performance and reliability (debugging, crash analysis, feature improvements)

  • Comply with legal obligations and enforce our terms

4) Service Providers & Sharing

We may share information only as needed to provide the Services, including with:

  • Cloud and infrastructure providers (hosting, databases, security, logging)

  • Identity and authentication providers (login and user management)

  • SMS/MFA delivery providers (to send verification codes)

  • Analytics/monitoring providers to understand performance and reliability

For example, our backend may be hosted on Amazon Web Services and may use services such as Cognito (authentication) and SNS (SMS delivery for MFA). Data is processed by these providers under agreements intended to protect it.
We do not sell your personally identifiable information (PII).

SMS OTP (MFA) Messaging: Opt-In / Opt-Out / HELP / STOP

 If you provide a phone number for multi-factor authentication (MFA), ZipE may send you one-time passcodes (OTPs) via SMS to verify your identity during sign-up and login and to help secure your account. These messages are transactional/security messages and are not marketing.
Opt-In: You opt in to receive OTP SMS messages by entering your mobile phone number in the App and initiating verification (for example, by tapping “Send code,” “Continue,” or similar). We send OTP messages only in response to a user-initiated verification request.
 

Message frequency: Message frequency varies based on your authentication activity (typically one message per sign-in/sign-up attempt and any resend requests).
 

Costs: Message and data rates may apply depending on your mobile carrier plan.
 

Opt-Out (STOP): You can opt out of receiving SMS messages at any time by replying STOP to a message. If you opt out, you may no longer be able to receive SMS-based OTPs. Because SMS MFA may be required for account access, opting out may prevent you from logging in until you re-enable SMS delivery or use an alternative verification method (if available).
 

Re-subscribe (UNSTOP/START): If you previously opted out, you may be able to re-subscribe by replying UNSTOP (or START, where supported) and then requesting a new OTP in the app.
 

Help (HELP) / Support: For help, you may reply HELP (where supported) or contact us at Security@Driverai.io.

Legal Basis for Processing (GDPR Article 6(1)(f))

DriverAI processes this personal data on the basis of its legitimate interests, pursuant to Article 6(1)(f) of the General Data Protection Regulation (GDPR). These legitimate interests include operating and securing the website, improving functionality and usability, understanding user behavior and preferences, and ensuring that DriverAI’s services, communications, and operational resources are aligned with the needs of visitors, customers, and prospective customers.
 

DriverAI has assessed that its legitimate interests are not overridden by the rights or freedoms of data subjects, as the data collected is limited, used in an aggregated and non-intrusive manner, and does not result in significant privacy impacts. Where required by applicable law, DriverAI provides appropriate transparency and choice mechanisms.

Right to Object (GDPR Article 21)

Where DriverAI processes personal data on the basis of its legitimate interests pursuant to Article 6(1)(f) of the GDPR, data subjects have the right to object to such processing at any time on grounds relating to their particular situation, in accordance with Article 21 of the GDPR.
 

If an objection is raised, DriverAI will cease processing the personal data unless it demonstrates compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the data subject, or where the processing is necessary for the establishment, exercise, or defense of legal claims.
 

Data subjects may exercise their right to object by contacting DriverAI using the contact details provided in this Privacy Notice.

Cookies and tracking technologies

DriverAI provides a comprehensive Cookie Notice that describes the cookies and similar tracking technologies used on the DriverAI website, including their purposes and duration. The Cookie Notice explains how users can manage their cookie preferences, including how to opt out of the sale or sharing of personal information for cross-context behavioral advertising, as defined under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA).
 

California residents may exercise their rights to limit the use of certain cookies and tracking technologies by adjusting their preferences through the Cookie Notice or by using applicable browser-level privacy controls, such as Global Privacy Control (GPC) signals, where supported. To review the Cookie Notice, please click Cookie Notice.
 

DriverAI does not disclose personal data to individuals or entities outside of DriverAI for their independent use except in the following circumstances:

  1. Where you have requested or expressly authorized the disclosure;

  2. In connection with DriverAI-hosted or DriverAI-co-sponsored events or conferences, as described elsewhere in this Privacy Notice;

  3. Where disclosure is required to comply with applicable law, regulation, legal process, or governmental request (including subpoenas, court orders, or requests from law enforcement), to enforce agreements, or to protect the rights, property, or safety of DriverAI, its employees, users, or others;

  4. Where disclosure is made to trusted agents, vendors, contractors, or service providers that perform services on DriverAI’s behalf and are contractually obligated to protect personal data and use it solely for authorized purposes;

  5. To respond to emergencies, natural disasters, or force majeure events; or

  6. To address disputes, claims, or legal proceedings, or to disclose information to individuals or entities with demonstrated legal authority to act on your behalf.

CCPA/CPRA Notice Regarding Sale or Sharing of Personal Information

DriverAI does not sell personal information as defined under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA). DriverAI also does not share personal information for purposes of cross-context behavioral advertising, except where a consumer has provided explicit consent or where such sharing is permitted under applicable law. Any disclosures to service providers or contractors are made pursuant to written agreements that restrict the use of personal information in accordance with CCPA/CPRA requirements.
 

DriverAI may collect, use, and disclose aggregated or de-identified information relating to its website visitors, users, and services. Such information does not identify individuals and is not considered personal information under the CCPA or CPRA. Aggregated or de-identified data may be shared with partners, service providers, advertisers, or other third parties for analytical, statistical, marketing, or promotional purposes.
 

The DriverAI website may contain links to or integrations with third-party services and platforms, such as Facebook, LinkedIn, Twitter (X), and similar services. If you choose to interact with or share information through these third-party services, your activity will be governed by the privacy policies of those services. If you are logged into a third-party account, those platforms may be able to associate your interaction with the DriverAI website with your personal data held by that third party.

Transferring personal data to the U.S.

DriverAI has its headquarters in the United States. Information we collect about you will be processed in the United States. By using DriverAI’s services, you acknowledge that your personal information will be processed in the United States. The United States has not sought nor received a finding of “adequacy” from the European Union under Article 45 of the GDPR. Pursuant to Article 46 of the GDPR, DriverAI is providing for appropriate safeguards by entering binding, standard data protection clauses, enforceable by data subjects in the EEA and the UK. These clauses have been enhanced based on the guidance of the European Data Protection Board and will be updated when the new draft model clauses are approved.


Depending on the circumstance, DriverAI also collects and transfers to the U.S. personal data with consent; to perform a contract with you; or to fulfill a compelling legitimate interest of DriverAI in a manner that does not outweigh your rights and freedoms. DriverAI endeavors to apply suitable safeguards to protect the privacy and security of your personal data and to use it only consistent with your relationship with DriverAI and the practices described in this Privacy Statement. DriverAI also enters into data processing agreements and model clauses with its vendors whenever feasible and appropriate. Since it was founded, DriverAI has received zero government requests for information.
 

For more information or if you have any questions, please contact us at security@Driverai.io.

Data Subject rights

The European Union’s General Data Protection Regulation (GDPR) and other countries’ privacy laws provide certain rights for data subjects. Data Subject rights under GDPR include the following:

  • Right to be informed

  • Right of access

  • Right to rectification

  • Right to erasure

  • Right to restrict processing

  • Right of data portability

  • Right to object

  • Rights related to automated decision making including profiling

This Privacy Notice is intended to provide you with information about what personal data DriverAI collects about you and how it is used. 
If you wish to confirm that DriverAI is processing your personal data, or to have access to the personal data DriverAI may have about you, please contact us.


You may also request information about: the purpose of the processing; the categories of personal data concerned; who else outside DriverAI might have received the data from DriverAI; what the source of the information was (if you didn’t provide it directly to DriverAI); and how long it will be stored. You have a right to correct (rectify) the record of your personal data maintained by DriverAI if it is inaccurate. You may request that DriverAI erase that data or cease processing it, subject to certain exceptions. You may also request that DriverAI cease using your data for direct marketing purposes. In many countries, you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how DriverAI processes your personal data. When technically feasible, DriverAI will—at your request—provide your personal data to you.
 

Reasonable access to your personal data will be provided at no cost. If access cannot be provided within a reasonable time frame, DriverAI will provide you with a date when the information will be provided. If for some reason access is denied, DriverAI will provide an explanation as to why access has been denied.
 

For questions or complaints concerning the processing of your personal data, you can email us at security@driverai.io. Alternatively, if you are located in the European Union, you can also have recourse to the European Data Protection Supervisor or with your nation’s data protection authority.

5) Data Retention

We retain personal data only as long as necessary for the purposes described above:

  • Active account data: kept while your account is active.

  • Logs/diagnostics: retained for 180 days for security, troubleshooting, and reliability.

  • Backups: may persist for a limited period (up to 180 days) before being overwritten.    

Storage & protection: We store data in AWS region(s): us-east-2 using encryption at rest and access controls as described below.

6) Children’s Privacy

We do not knowingly attempt to solicit or receive information from children. The App is not intended for children under 13 (or the relevant minimum age in your jurisdiction). We do not knowingly collect personal data from children. If you believe a child provided us personal information, contact us and we will take appropriate steps to delete it.

7) Account Deletion (In-App + Web)

If you create an account, you can request deletion of your account and associated data:

  • In-app deletion: In the App, go to Settings → Account → Delete Account.

  • Web deletion: You can also request deletion at: Security@Driverai.io.

When deletion is requested and verified, we will delete (or de-identify) your account data and associated personal information within 180 days, except where retention is required for:

  • legal compliance,

  • security/fraud prevention,

  • dispute resolution,

  • or enforcing agreements.

 

Google Play expects an in-app deletion path and a publicly accessible web link for account deletion (when applicable). 

8) Security

We use reasonable administrative, technical, and organizational safeguards designed to protect information, including:

  • Encryption in transit (HTTPS/TLS)

  • Encryption at rest (cloud storage/database encryption where supported)

  • Access controls (least privilege, role-based access)

  • Monitoring and logging to detect suspicious activity

 

No method of transmission or storage is 100% secure, but we work to protect your information with industry-standard measures.

9) Your Choices & Rights

Depending on your location, you may have rights to:

  • access or correct your information,

  • request deletion,

  • object to or restrict certain processing,

  • withdraw consent (where applicable).

 

You can often manage your information directly in the App (e.g., updating profile details). You may also contact us at Security@Driverai.io.

10) International Data Transfers

If you access the App from outside the country/region where our servers are located, your information may be transferred and processed in other jurisdictions that may have different data protection laws. We take steps intended to protect your information consistent with this Policy.

11) Changes to This Policy

We may update this Policy from time to time. We will revise the Effective date and, if changes are material, provide additional notice in the App or via other appropriate means.

12) Contact Us

DriverAI has appointed an internal data protection officer for you to contact if you have any questions or concerns about DriverAI’s personal data policies or practices. If you would like to exercise your privacy rights, please direct your query to DriverAI’s data protection officer. DriverAI’s data protection officer’s name and contact information are as follows:
DriverAI, LLC
Attn: Privacy
Email: Security@Driverai.io
Address: 15892 N 74th Dr., Peoria, AZ 85382

Questions, concerns or complaints

If you have questions, concerns, complaints, or would like to exercise your rights, please contact us at:

security@driverai.io

bottom of page