Andiamo — Privacy Policy (Mobility & Community Services)
Last updated: 2026-04-23
DRAFT — MANDATORY REVIEW BY LICENSED COUNSEL BEFORE PRODUCTION USE. Rideshare privacy has heightened sensitivities (precise real-time geolocation, payment data, driver PII, background-check data, state TNC laws). Review required.
This Privacy Policy ("Policy") describes how Andiamo LLC ("Andiamo," "we," "us," or "our") collects, uses, shares, and protects information when you use Andiamo at https://andiamo.tech (the "Service"), including as a Rider, Driver, Helper, Provider, or community member.
By using the Service, you acknowledge you have read and understand this Policy.
1. Definitions
- "Rider" — a user who requests rides through the Service.
- "Driver" — an independent driver who offers rides through the Service.
- "Helper" — a user who provides or receives neighborhood services through the Helper program.
- "Provider" — a local service provider registered on the Service.
- "Ride" — a transportation service arranged through the Service.
- "Personal Information" — information that identifies or could reasonably be linked to an individual.
2. Information we collect
2.1 Account information (all users)
Name, email, phone number, password (hashed), username, display name, authentication-provider identifier, optional profile photo, and communications preferences.
2.2 Rider information
- Pickup and drop-off addresses, requested routes, trip history, ratings given.
- In-app messages with Drivers or support.
- Payment method references (handled by Stripe — see Section 2.6).
- Accessibility preferences (where provided).
2.3 Driver information (in addition to account)
- Driver's license number and expiration.
- Vehicle information: make, model, year, color, license plate, VIN, registration.
- Insurance: carrier, policy number, coverage limits, expiration.
- Background-check information returned from our vendor and from state motor-vehicle records, including criminal-history data where legally permitted.
- Banking information for payouts (handled by Stripe Connect; we store only tokenized references and, where Stripe provides, a masked account identifier).
- Driving activity: routes, timestamps, acceptance/cancellation events, earnings, ratings received.
2.4 Helper / Provider information
- Service category, hours of availability, service area.
- Ratings received and reviews.
- Helper Credit balances and transaction history.
2.5 Precise location
When you use the Service as a Rider, Driver, or Helper, we collect precise device location during active sessions (requesting a ride, available as a Driver/Helper, or en route) to match Riders with Drivers, calculate fares and routes, provide navigation, detect safety events, and prevent fraud. We do not collect precise location while you are not actively using the Service.
2.6 Payment information
Payments are processed by Stripe, Inc. Stripe returns to us a tokenized payment method reference, the last four digits of a card, card brand, and expiration. We do not receive or store your full card number. Driver payouts use Stripe Connect and are subject to Stripe's separate terms and privacy notice.
2.7 Communications
Messages between users (including in-app chat), support conversations, and incident reports. Messages may be retained for safety, fraud prevention, and dispute resolution.
2.8 Device and usage
IP address, device identifiers, operating system, browser, app version, crash logs, session identifiers, and app events (e.g., screen views, feature use).
2.9 Cookies and similar technologies
See our Cookie Policy. We use first-party cookies for authentication, session, CSRF, and preferences.
3. How we use information
- Match Riders with Drivers and facilitate Rides.
- Calculate fares, process payments, and compute Driver payouts.
- Verify Driver eligibility (identity, insurance, driving record, and — where legally permitted — criminal background).
- Provide navigation and routing.
- Detect and prevent fraud, unsafe behavior, and abuse.
- Respond to and investigate safety incidents.
- Provide customer support and resolve disputes.
- Comply with legal obligations: tax reporting (e.g., 1099-K), TNC regulations, insurance reporting, subpoenas.
- Send transactional notices (ride status, receipts, account notices).
- Improve the Service through aggregate and de-identified analytics.
We do not: sell Personal Information; use Personal Information to target non-transportation advertising; share identifiable ride data with third parties for marketing; use your data to train general-purpose AI models without consent.
4. How we share information
4.1 Between users of the Service
- Rider → Driver: first name, profile photo, pickup/drop-off addresses (drop-off disclosed at pickup), rating.
- Driver → Rider: first name, profile photo, vehicle make/model/color/plate, rating, and approximate location during an active match.
- Exact address disclosure is minimized and timed to the stage of the Ride.
4.2 Sub-processors
| Sub-processor | Role | Data | Location |
|---|---|---|---|
| Microsoft Azure | Hosting, databases, storage | All Service data | United States |
| Stripe, Inc. | Payments, driver payouts (Connect) | Payment and payout data | United States |
| Stripe Identity / Connect KYC | Identity verification for Drivers and payouts | Government ID, SSN last-4, bank | United States |
| Postmark | Transactional email | Email, message content | United States |
| Keycloak (self-hosted) / Microsoft Entra External ID | Authentication | Email, credential material | United States / EU |
| Background-check vendor | Driver onboarding | Applicant data, MVR, criminal history | United States |
| Google Maps Platform | Routing, distance matrix, places autocomplete | Trip geometry | United States |
| Azure DALL-E (optional) | Avatar generation (opt-in) | Prompt, generated image | United States / EU |
| Printify | Swag fulfillment (optional) | Shipping address | United States |
Each Sub-processor is bound by a written agreement restricting use to our instructions, requiring confidentiality, and applying equivalent protections to onward transfers.
4.3 Insurance and regulators
We may share Ride and incident data with insurance carriers, state TNC regulators, and other governmental authorities as required by law, including Washington RCW 46.72A and comparable statutes.
4.4 Legal and safety disclosures
We may disclose Personal Information to law enforcement, courts, or other authorities when we believe in good faith that disclosure is required to (a) comply with a subpoena or legal process, (b) enforce our Terms, (c) protect the rights, property, or safety of Andiamo, our users, or the public, or (d) respond to an emergency involving danger of death or serious physical injury (consistent with 18 U.S.C. § 2702).
4.5 Corporate transactions
In a merger, acquisition, financing, reorganization, bankruptcy, or asset sale, Personal Information may be transferred to the acquiring entity, subject to continuation of equivalent protections and advance notice to users.
4.6 With your consent
Any other sharing occurs only with your explicit, affirmative consent, which you may withdraw at any time.
4A. Consumer Health Data (Washington My Health My Data Act)
Under the Washington My Health My Data Act, RCW 19.373, "consumer health data" is information linked or reasonably linkable to a consumer that identifies past, present, or future physical or mental health status, including inferences drawn from precise location or behavior.
Because ride destinations can include healthcare facilities (hospitals, clinics, pharmacies, reproductive-health providers, mental-health facilities, methadone clinics, etc.), Andiamo treats precise ride-location data that reveals or allows inference of a rider's health-seeking activity as consumer health data and applies the following safeguards:
- Opt-in consent. By accepting these Terms and the Privacy Policy on registration, you provide the opt-in consent required under RCW 19.373.050 for Andiamo to collect, use, and share precise location to provide the Service.
- No sale without separate written authorization. We do not sell consumer health data, and will not sell it without obtaining a separate valid authorization that meets the requirements of RCW 19.373.070.
- Geofence restriction. We do not, and will not, implement any geofence within 2,000 feet of a healthcare facility for the purpose of advertising to, identifying, or messaging a rider based on their presence near that facility.
- Right to delete. You may request deletion of your consumer health data at any time by emailing support@andiamo.tech. We honor deletion requests within 30 days except where the data is retained under a legal exception (e.g., insurance claim, tax record, litigation hold).
- No targeted advertising to health-seeking behavior. We do not use consumer health data to build advertising profiles or to target any advertising.
5. Location data
Location data is highly sensitive. We apply the following controls:
- Collected only during active sessions.
- Precision limited to what is needed for the active task.
- Retained only as long as necessary for safety, dispute resolution, insurance, and tax purposes.
- Never sold, never shared for advertising, and never aggregated into commercial location datasets.
You may disable location at the operating-system level; however, the Service cannot dispatch rides without location and certain features will be unavailable.
6. Background checks (Drivers only)
By applying as a Driver, you authorize us (and our background-check vendor) to obtain and use consumer reports (as defined by the federal Fair Credit Reporting Act, 15 U.S.C. § 1681 et seq.) and motor-vehicle records in connection with onboarding and periodic re-screens. You will receive the disclosures and any notices required by the FCRA and applicable state law before reports are obtained. If an adverse action is taken based on a report, you will receive the pre- and post-adverse-action notices required by the FCRA.
7. Messaging and recordings
In-app messages and incident reports are retained for safety, fraud prevention, and defense of claims. We do not record audio or video of rides. If you voluntarily share a recording with support, we use it only to investigate and resolve the reported incident.
8. Your rights
To exercise any right, email support@andiamo.tech from the address on your account. We will respond within the period required by applicable law (generally 30–45 days). We may need to verify your identity for safety-sensitive requests.
- Access, correction, deletion, portability, and restriction of Personal Information.
- Deletion: Upon deletion, we purge Personal Information within 30 days except as required for safety (incident records), taxation (financial records retained ≈ 7 years), insurance (ride records retained for the period required for claims defense, typically 7 years), and legal obligations.
- Objection and consent withdrawal where applicable.
8.1 California (CCPA / CPRA)
We do not sell or share Personal Information as defined by the CCPA/CPRA. California residents have additional rights to limit use of sensitive personal information, including precise geolocation.
8.2 Washington (My Health My Data Act)
See Section 4A for our full Consumer Health Data practices. Washington residents have rights of access, deletion, and withdrawal of consent under RCW 19.373, and may bring a private right of action through the Washington Consumer Protection Act for violations.
8.3 EU / UK / EEA (GDPR)
Lawful bases for processing: contract performance (to provide the Service), legal obligation (tax, insurance), legitimate interests (safety, fraud prevention), and consent (optional features). You may lodge a complaint with your supervisory authority.
9. Retention
- Active accounts: retained while active.
- Closed accounts: personal information purged within 30 days subject to the exceptions below.
- Ride records: retained 7 years for tax, insurance, and legal compliance.
- Driver records (including background-check data): retained per applicable state law and vendor contract.
- Incident records: retained for the period necessary to defend claims.
- Aggregate or de-identified data: may be retained indefinitely.
10. Security
- TLS 1.2+ in transit; AES-256 (or equivalent) at rest for primary data stores.
- Role-based access controls, least privilege, periodic access reviews, MFA for administrative access.
- Secret rotation, dependency scanning, and security review cycles.
- Audit logging of privileged actions; anomaly detection.
- Payment data handled via PCI-DSS Level 1 provider (Stripe); Andiamo does not store full card numbers.
- Breach notification as required by applicable law.
11. International transfers
Primary hosting is in the United States. Transfers from the EEA/UK rely on Standard Contractual Clauses and supplementary measures where required.
12. Children
The Service is not directed to anyone under 18, and we do not knowingly collect Personal Information from anyone under 18. If we learn we have collected information from a minor, we will delete it promptly.
13. Cookies
See the Cookie Policy.
14. Changes
We will post any updated Policy here with a new "Last updated" date. Material changes will be announced at least thirty (30) days in advance via email or conspicuous in-product notice.
15. Contact
- General privacy inquiries: support@andiamo.tech
- Data-subject requests: support@andiamo.tech (subject line: "DSR request")
- Security: security@andiamo.tech
- Postal: Andiamo LLC, Skagit Valley, Washington, USA