Privacy Policy

PRIVACY POLICY — MY OPTIMIZED ROUTE Last updated: April 4, 2026 1. Introduction My Optimized Route ("MOR", "we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, who we share it with, and your rights regarding your data. By using MOR you agree to the practices described in this policy. This policy applies to myoptimizedroute.com and all associated services. 2. Information We Collect Account Information When you create an account we collect your name, email address, phone number, and company name. A valid credit card is required to activate your account. Payment information is processed and stored by Stripe — see the Payment Information section below for details. This information is required to provide the service. Customer and Delivery Data As part of using MOR you may upload or enter customer names, delivery addresses, phone numbers, and delivery notes. This data belongs to you. We store it solely to provide the route optimization and delivery management service. Driver Data Driver accounts include name, email address, and optional phone number. During active routes, the MOR driver portal logs GPS location data to enable near real-time tracking for dispatchers. Location data is collected only while the driver portal is active and in use. Proof of Delivery The platform supports photo capture and signature collection at delivery stops. This data is stored securely and is accessible only to your account. Payment Information We use Stripe to process payments. MOR does not store your credit card number, expiration date, or CVV. Stripe stores and processes payment information on our behalf under their own privacy policy. We store your Stripe customer ID and subscription status only. API Usage Data If you use the MOR REST API, we log request metadata including endpoint, method, response code, and timestamp. Full request and response bodies are not logged. Support Communications If you contact us via the support ticket system, we retain the contents of your communications to resolve your issue and improve the service. Usage and Technical Data We collect standard web server logs including IP addresses, browser type, and pages visited. This data is used for security monitoring and platform improvement. We do not sell this data. Cookies MOR uses the following types of cookies: - Session cookies: Required for authentication. These expire when you close your browser or log out. - Security cookies: Set by Cloudflare for DDoS protection and performance. These are set automatically and cannot be disabled without affecting platform functionality. We do not use advertising cookies or third-party tracking cookies on the platform. Our public marketing pages may be subject to Cloudflare cookies. 3. How We Use Your Data We use the information we collect to: - Provide, operate, and improve the MOR platform - Process payments and manage your subscription - Send transactional emails including account verification, password resets, and delivery notifications - Send SMS delivery notifications to your customers on your behalf - Provide customer support - Monitor platform security and prevent abuse - Comply with legal obligations We do not use your delivery customer data for any purpose other than providing the service to you. 4. Data Sharing and Third Parties We do not sell your data. We share data only with the following third parties as necessary to provide the service: - Stripe: Payment processing. Subject to Stripe's Privacy Policy. - Google: Maps and geocoding via Google Maps API. Delivery addresses are sent to Google for geocoding. Subject to Google's Privacy Policy. - Cloudflare: Security, performance, and DDoS protection. Subject to Cloudflare's Privacy Policy. - SMS provider: Delivery notification SMS messages are sent via our SMS provider on your behalf. Phone numbers of your delivery customers are transmitted to the SMS provider for this purpose only. - Hosting provider: Our servers are hosted on a third-party hosting provider with physical and technical security controls in place. We may disclose your information if required by law, court order, or government request, or to protect the rights, property, or safety of MOR, our users, or the public. 5. Data Retention We retain your account data for as long as your account is active. If you cancel your account, your data is retained for 30 days before permanent deletion. You may request early deletion by contacting us. Driver GPS location logs are retained according to your plan's retention period. Delivery records and proof of delivery data are retained for the life of your account. API request logs are retained for 90 days. Support ticket communications are retained for 2 years. 6. Your Rights California Residents (CCPA/CPRA) If you are a California resident you have the following rights: - Right to know what personal information we collect and how it is used - Right to delete your personal information - Right to opt out of the sale of your personal information (we do not sell personal information) - Right to non-discrimination for exercising your privacy rights To exercise these rights, contact us. We will respond within 45 days. European Union Residents (GDPR) If you are located in the European Union you have the following rights: - Right of access to your personal data - Right to rectification of inaccurate data - Right to erasure ("right to be forgotten") - Right to restriction of processing - Right to data portability - Right to object to processing - Right to withdraw consent at any time The legal basis for processing your data is performance of a contract (providing the service you signed up for) and legitimate interests (security and fraud prevention). To exercise your GDPR rights, contact us. We will respond within 30 days. 7. SMS Notifications MOR sends SMS delivery notifications to your customers on your behalf when you enable this feature. Every SMS recipient has the ability to opt in or opt out at any time by replying STOP to any message. Opt-out requests are processed automatically and immediately. MOR complies with the Telephone Consumer Protection Act (TCPA). 8. Security We take reasonable technical and organizational measures to protect your data including: - Encryption of sensitive credentials at rest using AES-256-CBC - HTTPS for all data in transit - API keys stored as SHA-256 hashes - Session security including CSRF protection and session timeout - Regular security audits No method of transmission over the internet is completely secure. While we take reasonable precautions, we cannot guarantee absolute security. In the event of a data breach affecting your personal information, we will notify you as required by applicable law. 9. Children's Privacy MOR is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a minor, contact us and we will delete it promptly. 10. International Data Transfers If you access MOR from outside the United States, your data may be transferred to and processed in the United States. By using the platform you consent to this transfer. We take reasonable steps to ensure your data is treated securely regardless of where it is processed. 11. Third Party Links The MOR platform may contain links to third party websites. We are not responsible for the privacy practices of those sites. We encourage you to review the privacy policies of any third party sites you visit. 12. Changes to This Policy We may update this Privacy Policy from time to time. We will notify you of material changes by email and by posting the updated policy at myoptimizedroute.com/privacy.php. Your continued use of the platform after changes take effect constitutes acceptance of the updated policy. 13. Contact If you have questions about this Privacy Policy or wish to exercise your privacy rights, contact us.