Driver Privacy Policy

1. Scope

This policy applies to delivery contractors (1099 independent contractors) engaged by ExecEats Inc. to fulfill catering deliveries through the ExecEats Driver application. Drivers are not gig workers in the platform-marketplace sense — they are contractors fulfilling deliveries for ExecEats Inc. as part of their relationship with us.

By accepting your contractor agreement and signing in to the ExecEats Driver app, you agree to the collection and use of information as described below.

2. Identity & Authentication

When your contractor profile is created by our operations team, we collect:

• Your name, email address, and phone number — used for account sign-in and dispatch contact
• An email-and-password credential issued by our identity provider (Supabase Auth). ExecEats Inc. does not store your password — only our identity provider does
• On first sign-in, the app requires you to set your own password. We never see the password you choose

3. Vehicle & License Information

To dispatch you appropriately and meet our insurance requirements, we collect:

• Vehicle make and model
• License plate number

You can update these fields yourself from the Profile screen. They are visible only to you, our dispatch operations team, and (for delivery identification) the customer who is awaiting your arrival.

4. Location Data — While On Duty

GPS location is the most sensitive category of information we collect. We are explicit about when and why:

When location is collected

Location is captured only between the “Picked Up” and “Delivered” phases of an active delivery. The delivery state machine is the gate: when no delivery is active, the app does not collect location. Signing out of the app stops collection immediately.

What is collected

Latitude, longitude, GPS accuracy in meters, recorded timestamp, and movement direction (heading) and speed when available. Each reading is associated with the specific delivery record it relates to.

Why we collect it

• Provide live arrival-tracking to the customer awaiting the delivery
• Resolve disputes about whether a delivery occurred and when
• Improve our dispatch routing and ETA accuracy

Background mode

To keep tracking active when the app is backgrounded during a delivery, iOS will prompt you for “Always Allow” location access. You can decline; the app will function with foreground-only location, but accurate live-tracking during driving will be limited.

Spoofing detection

The app runs basic on-device checks to detect simulated GPS locations. These checks happen entirely on your device — no additional telemetry is sent for spoofing detection itself.

Retention

Raw GPS readings are retained for 90 days, after which they are permanently deleted. The fact that a delivery occurred and was completed by you remains in our operational records (see Section 9 on Data Retention).

5. Delivery Proof Photos

The app prompts you to capture two photos at the dropoff: a building entrance photo and a dropoff-location photo. These photos:

• Are stored in our private cloud storage (Supabase Storage, delivery-photos bucket)
• Are linked to the delivery record you completed and are visible to you, our operations team, and the customer who placed the order
• Form part of the delivery audit record. They are retained as long as the delivery record itself, consistent with tax, audit, and dispute-resolution requirements (see Section 9)
• May incidentally include lobby signage, building exteriors, or the entrance areas of customer offices. Do not include faces of people in your photos when avoidable

If you cannot capture a photo (security restrictions, poor conditions), the app provides a bypass option that records your reason instead.

6. Push Notifications

When you grant the app permission to send notifications, Apple Push Notification service (APNs) issues a device token, which we store against your driver record. We use this token to:

• Notify you of new delivery assignments
• Alert you when a delivery time window is changing
• Communicate operational updates from dispatch

We do not use this token for marketing communications. The token is cleared when you sign out and when your account is deleted.

7. Error & Performance Telemetry

To diagnose crashes and performance regressions, the app sends anonymized error and performance data to our error-tracking provider (Sentry). Before any data leaves your device, an on-device scrubber strips:

• Location coordinates
• Delivery proof photos
• Customer contact details
• Address strings

What remains is the technical context needed to fix bugs: stack traces, app version, iOS version, device model, and breadcrumb logs with sensitive fields redacted. Telemetry is retained for 30 days.

8. Operational Communications

We may send you operational email or SMS messages related to your deliveries — for example, a schedule change, an incident follow-up, or an in-app account event such as a deletion confirmation. These are sent via our transactional email provider (Resend). We do not send marketing communications to drivers.

9. Data Retention

ExecEats Inc. follows a soft-delete plus PII sanitization retention model rather than hard-deleting operational records. Different categories of information have different retention windows because they serve different purposes.

Personal information (PII) — sanitized at deletion

Your name, email, phone, license plate, vehicle details, and login credentials are sanitized 30 days after you request account deletion. After sanitization, your driver record exists as an anonymous identifier only.

GPS readings — 90 days

Raw location pings are deleted after 90 days regardless of whether you remain an active contractor.

Operational delivery records — retained

The fact that a delivery occurred — including delivery proof photos, timestamps, and the anonymous identifier of the contractor who completed it — is retained as part of our operational record. We do this to comply with:

• Federal tax recordkeeping requirements (1099 contractor reporting, IRS §6501)
• Customer dispute and chargeback resolution (typically 2 years)
• Liability defense (statute of limitations dependent, typically 2–6 years post-incident)
• Audit and SOC 2 / ISO 27001 expectations

This separation — sanitize PII, retain the operational record — is consistent with GDPR Article 17(3)(b) and (e) and CCPA §1798.105(d), which both carve out retention required for legal obligations and dispute resolution.

10. Account Deletion

You can request account deletion at any time directly from inside the ExecEats Driver app:

• Open Profile → Privacy & Data → Delete Account
• You will be asked to type DELETE to confirm
• On confirmation, you are signed out immediately and your account enters a 30-day grace period. Signing back in during that window cancels the deletion
• After 30 days, your PII is permanently sanitized as described in Section 9. Operational records associated with deliveries you completed remain

You cannot delete your account while you have an active delivery in progress. Complete the delivery first, or contact dispatch to reassign it.

11. Legal Basis for Processing

Where applicable privacy law requires us to identify a legal basis, we rely on the following:

• Performance of contract — collection and use is necessary to perform our independent-contractor agreement with you (GDPR Article 6(1)(b); CCPA §1798.140 business-purpose use)
• Legal obligation — tax, audit, and recordkeeping requirements (GDPR Article 6(1)(c); CCPA §1798.105(d) carve-outs)
• Legitimate interest — fraud prevention, dispute resolution, security (GDPR Article 6(1)(f))

12. Service Providers

We use the following service providers to operate the Driver app. Each handles data only as instructed by us and under contract:

• Supabase — application database, identity provider, file storage (US data residency)
• Apple Push Notification service (APNs) — push delivery
• Sentry — error tracking and performance telemetry (PII-scrubbed before send)
• Resend — transactional email delivery
• PostHog — product analytics (anonymized, no personally identifiable data)

Note on payouts: Driver compensation is processed through our payroll provider, not through the app. Stripe (which we use for customer-side payments) is not used for driver compensation.

13. Your Rights

Subject to applicable law, you have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate information (you can update most fields directly from the Profile screen)
• Request deletion of your account, subject to the retention rules in Section 9
• Request a copy of your data in a portable format
• Lodge a complaint with your local data protection authority

For requests other than account deletion (which is self-service in the app), email privacy@execeatsapp.com from the address associated with your driver account.

14. Children

The ExecEats Driver app is intended only for adults engaged as delivery contractors. We do not knowingly collect information from minors.

15. Changes to This Policy

We may update this Driver Privacy Policy from time to time. When we make significant changes, we will notify drivers through the app or via email. Continued use of the ExecEats Driver app after changes take effect constitutes acceptance of the updated policy.

16. Contact Us

For questions about this policy or our handling of driver information:

• Email: privacy@execeatsapp.com
• Address: ExecEats Inc., 1522 Western Ave STE 59470, Seattle, WA 98101 USA