Privacy Policy
This Privacy Policy explains how Zoride ("Zoride", "we", "us") collects, uses, stores, and shares information when you use our rider app, driver app, or website (together, the "Services"). It applies to riders and drivers alike, with role-specific differences called out below.
Short version: we collect the information needed to match riders with drivers, calculate fares, process payments, and keep the service safe. We never sell your data, and all of it routes through our own backend — none of our partner services (Supabase, Razorpay, Google Maps, Firebase) receive direct access to your account from the app itself.
1. Information we collect
1.1 Account information
When you create an account, we collect your name, phone number, email address, and a password (stored securely via our authentication provider, Supabase — we never see or store your raw password). Drivers additionally provide vehicle details and verification documents required to operate on the platform.
1.2 Location data
To provide the core ride-booking service, we collect:
- Rider: your pickup and drop-off locations for each trip, and your approximate location while the app is open to show nearby availability.
- Driver: continuous live location while you are online and during an active trip, so riders can track your approach and we can calculate accurate ETAs and fares. Location updates are sent to our backend at a fixed interval while you are online — they are not collected when the app is closed or you are offline.
1.3 Trip and payment information
We retain a history of your trips (route, fare, time, ratings) and payment records. Card and payment instrument details are collected and processed directly by our payment partner, Razorpay — Zoride does not store your full card number, CVV, or banking credentials on our servers.
1.4 Device and usage information
We collect device identifiers, app version, crash logs, and basic usage analytics through Firebase Crashlytics and Firebase Analytics, to diagnose issues and improve the app. We also collect a push notification token (FCM) so we can notify you about trip status, driver alerts, and (optionally) promotions.
2. How we use your information
- To match riders with nearby available drivers and facilitate trips
- To calculate routes, ETAs, distances, and fares (via Google Maps services, called from our backend only)
- To process payments and payouts (via Razorpay)
- To send trip-related notifications, receipts, and support communication
- To detect, prevent, and investigate fraud, abuse, or safety incidents
- To maintain and improve the reliability and performance of the Services
- To comply with legal obligations, including those applicable to transport and payment services
3. Who we share data with
We do not sell your personal data. We share information only as needed to operate the Services:
| Partner | Purpose | Data shared |
|---|---|---|
| Supabase | Authentication & database hosting | Account credentials, profile, trip records |
| Razorpay | Payment processing | Payment amount, contact details necessary for transaction |
| Google Maps | Geocoding, routing, ETA, distance calculation | Pickup/drop coordinates (requests originate from our backend, not your device) |
| Firebase (Google) | Push notifications, crash reporting, analytics | Device token, crash logs, usage events |
The relevant driver is shown a rider's pickup location and approximate contact details only for the duration of an active trip, and vice versa. This information is not visible to other users.
4. Data retention
We retain trip history and account information for as long as your account is active, and for a limited period afterward as required for accounting, tax, fraud-prevention, and legal-compliance purposes. Live location data is retained only as long as needed to support the active trip and short-term safety/support investigations, after which it is not used for any other purpose.
5. Data deletion & account closure
You can request deletion of your account and associated personal data at any time by emailing support@zoride.in from your registered email address, with the subject line "Account Deletion Request".
- We will verify your identity and confirm receipt within 3 business days.
- Your account, profile, and stored location history will be deleted within 30 days of a verified request.
- Trip and payment records that we are legally required to retain (e.g. for tax, accounting, or fraud-investigation purposes) will be retained for the legally mandated period, after which they are deleted, and will not be used for any other purpose in the meantime.
- Some anonymized, aggregated data that no longer identifies you may be retained for analytics.
6. Your rights
Depending on your location, you may have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. You can exercise these rights by contacting support@zoride.in.
7. Security
All requests between the app and our servers are authenticated and encrypted in transit. Access to personal data is restricted by role-based permissions, and our backend enforces row-level security on the underlying database. No system is perfectly secure, and we cannot guarantee absolute security, but we apply industry-standard practices to protect your information.
8. Children's privacy
The Services are not directed to children under 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will delete it.
9. Changes to this policy
We may update this Privacy Policy from time to time. We will revise the "Last updated" date above and, for material changes, provide additional notice (such as an in-app notification) before the changes take effect.
10. Contact us
If you have questions about this Privacy Policy or how we handle your data, contact us at support@zoride.in.