PRIVACY POLICY FOR LOADHUB DRIVER
Last Updated: January 21, 2026

Service Provider: LoadHub.uk
Contact Email: jolders@loadhub.co.uk
Address: 15, Hamlet Lane, South Normanton, Derbyshire, DE552JB

===============================================================================
1. INTRODUCTION
===============================================================================

1.1 About This Policy
This Privacy Policy explains how LoadHub.uk collects, uses, stores, and
protects your personal information when you use the LoadHub Driver mobile
application.

1.2 Who We Are
LoadHub.uk operates a B2B software platform for transport and logistics
management. The LoadHub Driver app is designed for professional drivers
employed by transport companies.

1.3 Our Role as a Service Provider
IMPORTANT: LoadHub.uk provides software to transport companies. If you are
a driver:
- Your employer created your account
- Your employer is the Data Controller for your data
- We are the Data Processor acting on behalf of your employer

1.4 Age Restriction
This app is for professional drivers aged 18+. Not intended for children.

1.5 Acceptance
By using the app, you accept this Privacy Policy.

===============================================================================
2. INFORMATION WE COLLECT
===============================================================================

2.1 Account Information
- Email address (for login)
- Password (encrypted with AES-256-GCM)
- First and last name
- Company name (your employer)

2.2 Location Data (OPTIONAL - You Control This)
- GPS coordinates (latitude/longitude)
- Location accuracy
- Timestamps

When collected (only if you enable tracking):
- Periodic automated tracking (every 15/30/60 minutes you configure)
- When you update stop status (arrived, completed, failed)
- When you update job status
- Geofence detection for waypoints

IMPORTANT: Location tracking is optional in the app, but your employer may
require it as part of your job. Check with your employer.

2.3 Job and Delivery Information
- Load/job IDs and references
- Job status (in progress, completed)
- Customer names and addresses
- Load descriptions
- Stop addresses and coordinates
- Stop status updates
- Delivery notes and timestamps

2.4 App Settings (Stored Locally)
- Auto-tracking enabled/disabled
- Tracking interval preference
- Auto-logout settings
- Preferred navigation app
- Navigation sensitivity profile

2.5 What We DO NOT Collect
✗ Device identifiers (IMEI, Android ID)
✗ Device model or manufacturer
✗ Contacts, photos, or media
✗ Usage analytics or tracking
✗ Crash reports
✗ Social media information
✗ Payment information

===============================================================================
3. HOW WE USE YOUR INFORMATION
===============================================================================

3.1 Primary Purposes
- Authenticate your login
- Display job assignments
- Track delivery progress (when tracking enabled)
- Update job status
- Enable navigation
- Maintain security

3.2 Employer Access
Your employer can see:
- Real-time location (when tracking enabled, at your configured interval)
- Historical location data
- Job completion status
- Delivery notes

3.3 Service Improvement
We may use aggregated, anonymized data to improve the app.

3.4 Legal Compliance
We may use data to comply with laws, legal processes, or protect our rights.

===============================================================================
4. DATA STORAGE AND SECURITY
===============================================================================

4.1 Where Data is Stored

ON YOUR DEVICE:
- Encrypted: Email, password, auth token, name, company
- Unencrypted: Job cache, settings, location (temporarily)

ON OUR SERVERS:
- Location: United States (AWS US-East-2, Ohio)
- Service: Supabase (PostgreSQL)
- Encryption in transit: TLS 1.2+ (HTTPS)
- Encryption at rest: AES-256
- Backups: Encrypted

4.2 International Data Transfers

IMPORTANT FOR UK/EU DRIVERS:
Your data is transferred to and stored in the United States.

We protect it through:
- Standard Contractual Clauses
- Encryption (in transit and at rest)
- Access controls and security audits
- UK GDPR compliance

By using the app, you consent to data transfer to the US.

4.3 Security Measures

Technical:
- AES-256-GCM encryption for sensitive data
- TLS 1.2+ for all network communications
- JWT token authentication
- ProGuard/R8 code obfuscation
- Row-level security on database

Organizational:
- Access controls
- Multi-tenant isolation
- Regular security updates

Physical:
- Enterprise-grade data centers (AWS)
- Redundant backups
- Disaster recovery

4.4 Backups
- Frequency: Daily
- Retention: 7 days
- Encryption: Yes
- Location: AWS US-East-2

===============================================================================
5. DATA SHARING AND THIRD PARTIES
===============================================================================

5.1 Who We Share Data With

YOUR EMPLOYER (Transport Company):
- Account information
- Location data (when tracking enabled)
- Job status updates
- Delivery notes

SERVICE PROVIDERS:
- Supabase/AWS: Database hosting (all data) - US
- Google Maps API: Addresses only - Global
- Resend: Email delivery - US

NAVIGATION APPS (Google Maps/Waze):
When you navigate, we pass:
- Destination address and coordinates
- Toll avoidance preference (Google Maps)
Via Android Intent (we do NOT log or store this)

5.2 Who We DO NOT Share With
✗ Advertising networks
✗ Data brokers
✗ Social media platforms
✗ Marketing companies
✗ Analytics services

5.3 Legal Disclosures
We may disclose data if legally required (court orders, legal processes).

===============================================================================
6. DATA RETENTION
===============================================================================

ACTIVE ACCOUNTS: While your employer maintains your account

SUSPENDED ACCOUNTS: 90 days, then permanently deleted

DELETED ACCOUNTS: 90 days, then permanently deleted

LEGAL RETENTION: May retain longer if required by law (tax, employment law)

BACKUPS: Deleted data remains in backups for up to 7 days

===============================================================================
7. YOUR RIGHTS UNDER DATA PROTECTION LAW
===============================================================================

7.1 Your Privacy Rights (UK GDPR)

RIGHT TO ACCESS:
- Request copy of all your data
- Format: CSV or PDF via email
- Timeframe: 30 days
- How: Email jolders@loadhub.co.uk (subject: "Data Access Request")

RIGHT TO RECTIFICATION:
- Correct inaccurate data
- Update through app or email us
- Timeframe: 30 days

RIGHT TO ERASURE ("Right to be Forgotten"):
- Request deletion of your data
- Option 1: Contact your employer
- Option 2: Email jolders@loadhub.co.uk (subject: "Data Deletion Request")
- Timeframe: 30 days
- Note: May retain if legally required

RIGHT TO DATA PORTABILITY:
- Request data in CSV format
- Email jolders@loadhub.co.uk (subject: "Data Portability Request")
- Timeframe: 30 days

RIGHT TO OBJECT:
- Object to location tracking (disable in app settings)
- Note: Employer may require tracking for job

RIGHT TO RESTRICT PROCESSING:
- Request temporary limitation on data use
- Email jolders@loadhub.co.uk

RIGHT TO WITHDRAW CONSENT:
- For location tracking: Disable in app settings anytime

7.2 How to Exercise Rights

Step 1: Contact your employer (they are the Data Controller)
Step 2: Or email us directly: jolders@loadhub.co.uk
Step 3: We verify your identity
Step 4: We respond within 30 days

7.3 Right to Lodge Complaint

UK Information Commissioner's Office (ICO)
Website: https://ico.org.uk/make-a-complaint/
Phone: 0303 123 1113

===============================================================================
8. COOKIES AND TRACKING
===============================================================================

MOBILE APP: Does NOT use cookies, analytics, or tracking

LOADHUB WEBSITE (loadhub.co.uk): Does NOT use Google Analytics, advertising
cookies, or tracking pixels. Only essential cookies for basic functionality.

===============================================================================
9. CHILDREN'S PRIVACY
===============================================================================

App is for drivers 18+ only.

We do not knowingly collect data from anyone under 18.

If we discover data from someone under 18, we immediately delete it.

===============================================================================
10. DATA BREACH NOTIFICATION
===============================================================================

If a breach affects your data, we will:

WITHIN 72 HOURS:
- Notify you via email
- Describe the breach
- Explain what data was affected
- Outline our response
- Provide guidance to protect yourself
- Notify the ICO

===============================================================================
11. CHANGES TO THIS POLICY
===============================================================================

We may update this policy to reflect:
- Changes in laws
- New app features
- Changes to data practices

MATERIAL CHANGES:
- Update "Last Updated" date
- Notify you via email
- Provide summary of changes

MINOR CHANGES:
- Update policy and date only

Continued use after changes = acceptance

===============================================================================
12. LEGAL BASIS FOR PROCESSING (GDPR)
===============================================================================

ACCOUNT INFORMATION: Contractual Necessity
JOB/DELIVERY DATA: Contractual Necessity
LOCATION DATA: Consent + Legitimate Interest
APP SETTINGS: Legitimate Interest

===============================================================================
13. ADDITIONAL INFORMATION
===============================================================================

NO MARKETING: We do NOT send promotional emails. Only service-related
communications.

THIRD-PARTY LINKS: App may link to Google Maps/Waze. Review their privacy
policies separately.

AUTOMATED DECISIONS: We do NOT use automated decision-making or profiling.

===============================================================================
14. CONTACT US
===============================================================================

Email: jolders@loadhub.co.uk
Subject Line: Include "Privacy Inquiry"
Service Provider: LoadHub.uk
Address: 15, Hamlet Lane, South Normanton, Derbyshire, DE552JB

Response Time: Within 5 business days

UK Data Protection Authority:
Information Commissioner's Office (ICO)
Website: https://ico.org.uk
Phone: 0303 123 1113

===============================================================================
15. SUMMARY OF KEY POINTS
===============================================================================

✓ Who We Are: LoadHub.uk - B2B logistics software
✓ Your Employer: Controls your account and data
✓ Data Collected: Account info, location (optional), job data
✓ Location Tracking: Optional - you control in settings
✓ Data Storage: United States (AWS Ohio), encrypted
✓ Sharing: Only employer and necessary service providers
✓ Retention: Active account + 90 days after deletion
✓ Your Rights: Access, delete, correct, object (GDPR)
✓ Contact: jolders@loadhub.co.uk
✓ No Marketing: No promotional emails
✓ Age: 18+ only

===============================================================================

This privacy policy is effective as of January 21, 2026
LoadHub.uk - Professional Logistics Solutions