Legal

Privacy Policy

Effective date: February 16, 2026. This page summarizes how RideVoy collects, uses, and protects data.

Information we process

Ride data, account information, and operational metadata necessary to deliver platform services.

How we use information

To operate workflows, improve service reliability, support reporting, and maintain platform security.

Data sharing

Data is shared only as needed for service delivery, legal compliance, or authorized customer workflows.

Data breach notification

In the event of a confirmed breach of unsecured personal or protected health information (PHI), RideVoy will notify affected customers without unreasonable delay and no later than sixty (60) calendar days after discovery, consistent with the HIPAA Breach Notification Rule (45 CFR §§ 164.400–414) and applicable state law, including the Iowa Personal Information Security Breach Protection Act (Iowa Code chapter 715C) — under which the Iowa Attorney General’s Consumer Protection Division is also notified within five (5) business days when a breach affects more than 500 Iowa residents. Suspected breaches may be reported to privacy@getridevoy.com. See our full Data breach notification policy in the Terms of Service.

Your rights

Contact privacy@getridevoy.com for privacy-related requests and policy questions.