Privacy Policy
⚠ Draft — not yet in force
This document is still a working draft. It has 3 unfilled placeholders (highlighted below) — including items like the legal entity name and effective date. It needs review by qualified counsel in Pakistan before it binds anyone. This page is noindex until then, and should not be submitted to the Play Console yet.
Effective date: [•] · Version: 1.0 (draft) · Contact: driviodevdrivio@gmail.com
⚠️ Legal review required. Draft tailored to the Platform's actual data practices; finalise with qualified counsel before publication. Complete bracketed items [•]. The app is currently distributed as a direct-install Android APK (not yet on Google Play or the App Store); when store distribution begins, this policy is also the source for the Google Play Data safety form and Apple App Privacy labels.
1. Who we are
[Drivio legal entity name] ("Drivio", "we") operates the Drivio app — a marketplace for standard rides, pool rides, and hourly vehicle rentals in Pakistan. This policy explains what personal data we collect, why, how long we keep it, and your rights. It applies to Customers, Riders, and admin portal users.
2. Data we collect
2.1 All users
| Data | Source | Purpose |
|---|---|---|
| Mobile phone number | You, at sign-up | Account identity; OTP verification; contact about your trips |
| Name, profile photo (optional) | You | Display to your counterpart in a trip |
| Roles and account settings | You / generated | Operate the dual-role account |
| Wallet balance, transaction ledger | Generated by our payment system | Payments, escrow, refunds, commission, fraud prevention, accounting |
| Ride records (pickup/destination, times, fare, status, counterpart) | You / generated | Provide and document the service; disputes; safety |
| In-app chat messages (per ride) | You | Rider–customer coordination during a trip; dispute evidence |
| Device push token | Your device | Trip notifications |
| Technical logs (app events, errors) | Generated | Reliability and security |
2.2 Location data
- Customers: pickup location (GPS, with your permission) and destination you enter, per booking.
- Riders: continuous GPS while you are online or on a trip, published to our realtime backend and shown live to the matched customer. Broadcasting stops when you go offline.
- Map display: to render in-app maps, the coordinates being displayed (pickup, destination, and live rider location) are sent from your device to Google Maps Platform (map tiles and Static Maps images). Your device's operating-system geocoder is used to convert between addresses and coordinates.
2.3 Riders only (KYC / verification)
To activate the Rider role we collect and an administrator manually reviews:
- CNIC (front and back images)
- Driving licence image
- Vehicle registration document image
- Police character certificate (no-FIR certificate) image
- Photograph, vehicle details, selected services and rental pricing
Legal basis: performance of the Rider agreement and our legitimate interest / legal duty in passenger safety and provider verification.
2.4 What we do NOT collect
No payment card numbers (wallet top-ups occur via the payment provider when a gateway is integrated; card data stays with the provider). No contacts, no advertising identifiers, no background location for Customers, no biometric data.
3. How we use data
- Provide the services: matching, live tracking, chat, payments, escrow, refunds.
- Safety and trust: Rider verification, admin document review, incident investigation.
- Legal compliance: financial record-keeping, responding to lawful requests.
- Service communication: OTPs and trip notifications (not marketing unless you opt in separately).
- Improvement and debugging using technical logs.
We do not sell personal data and do not use it for third-party advertising.
4. Sharing
| Recipient | What | Why |
|---|---|---|
| Your trip counterpart | Name, photo, phone-mediated contact via app, live rider location, vehicle details (rider→customer) | Delivering the booked trip |
| Google Firebase (Google LLC) | All platform data (see §6) | Cloud infrastructure — our data processor |
| Google Maps Platform (Google LLC) | Pickup/destination coordinates and live rider location shown on a map | Rendering map tiles and Static Maps images — service provider |
| Payment gateway (when integrated: e.g. JazzCash / EasyPaisa / Stripe) | Top-up transaction data | Processing payments |
| Drivio administrators | KYC documents, users, rides, payments records | Verification, support, oversight |
| Authorities | What the law requires | Legal obligation |
KYC documents are never visible to other users — only to you and authorised administrators.
5. Security
- All money records (wallets, transactions, payments) are locked against client modification; payment settlement records are inaccessible to any app user.
- KYC images are stored with access restricted to the owner and administrators.
- Data in transit is encrypted (TLS); Firebase encrypts data at rest.
- Access to production data is limited to authorised personnel via role claims.
No system is perfectly secure; we will notify affected users and authorities of any breach as required by applicable law.
6. International transfer
Our processors are Google Firebase and Google Maps Platform (both Google LLC); data may be stored or processed on Google servers outside Pakistan (Firebase region [•]). Google is bound by its data-processing terms. By using the Platform you consent to this transfer as needed to provide the service.
7. Retention
Summarised here; the full schedule is in the Data Retention & Deletion Policy:
- Account/profile: life of the account + [90] days after deletion request.
- Ride and chat records: [12] months after the ride, then deleted or anonymised.
- Financial ledger: [6] years (statutory accounting/tax requirements).
- KYC documents: while the Rider role is active + [12] months, or [30] days after a rejected application.
- Live GPS points: transient; not retained beyond the trip context.
8. Your rights
You may, via the app or by emailing driviodevdrivio@gmail.com:
- access a copy of your data;
- correct inaccurate data;
- delete your account and data (subject to statutory retention of financial records);
- withdraw location permission at any time in device settings (the services cannot function without it while booking/driving);
- complain to the relevant data-protection authority.
We respond within 30 days.
9. Children
The Platform is for users 18+. We do not knowingly collect children's data; accounts found to belong to minors are removed.
10. Changes
We will notify material changes in-app before they take effect and update the version/date above.
11. Contact
[Drivio legal entity name], [registered address] Data protection contact: driviodevdrivio@gmail.com
Rendered from docs/legal/PRIVACY_POLICY.md at build time — that markdown is the single source of truth. Edit it there, not here.