✓ GDPR Compliant
1. Who We Are
Full details including registered company details to be added following legal review.
RouteRate ("we", "us", "our") is a commercial vehicle route costing service. We are the data controller for personal data collected through this Service. Our registered address and company details will be listed here upon completion of company registration.
2. What Data We Collect
Full data inventory to be completed following legal review.
We collect and process the following categories of personal data:
- Account data: Name, email address, company name collected at registration
- Usage data: Routes calculated, quotes saved, feature usage patterns
- Technical data: IP address, browser type, device information, access logs
- Payment data: Billing information processed by our payment provider (Stripe). We do not store card details directly.
- Communications: Any correspondence you send to us
3. How We Use Your Data
Full lawful basis for each processing activity to be added following legal review.
We use your personal data to:
- Provide and maintain the RouteRate service
- Process your subscription and manage your account
- Send service-related communications including confirmations and receipts
- Improve the Service based on aggregated usage patterns
- Comply with legal obligations
- Respond to support requests
We do not sell your personal data to third parties. We do not use your data for advertising purposes.
4. Data Storage and Security
Full details of data storage locations and security measures to be added.
Your data is stored on Supabase infrastructure located within the European Union (EU West region). We implement appropriate technical and organisational measures to protect your data against unauthorised access, alteration, disclosure or destruction.
All data transmission between your browser and our servers is encrypted using TLS. Account passwords are hashed and never stored in plain text.
5. Third Party Services
Full data processing agreements with third parties to be documented.
We use the following third-party services which may process your data:
- Supabase — Database and authentication (EU West)
- Google Maps Platform — Route calculation and mapping
- Stripe — Payment processing
- Vercel — Application hosting
Each provider operates under their own privacy policy and appropriate data processing agreements are in place.
6. Your Rights Under GDPR
Full rights and exercise procedures to be added following legal review.
As a data subject under GDPR you have the following rights:
- Right of access — You may request a copy of all personal data we hold about you
- Right to rectification — You may request correction of inaccurate data
- Right to erasure — You may request deletion of your data ("right to be forgotten")
- Right to portability — You may request your data in a machine-readable format
- Right to object — You may object to processing based on legitimate interests
- Right to restrict processing — You may request we limit how we use your data
To exercise any of these rights please contact us at privacy@routerate.app. We will respond within 30 days.
7. Data Retention
Retention periods to be finalised following legal review.
We retain your account data for as long as your account remains active. Upon account deletion, personal data is removed within 30 days. Quote and usage data may be retained in anonymised form for service improvement purposes.
8. Cookies
Full cookie audit and consent mechanism to be added.
RouteRate uses session cookies for authentication and local storage for user preferences. We do not use advertising or tracking cookies. A full cookie policy will be published prior to any paid service commencing.
9. Contact and Complaints
For privacy-related queries contact us at privacy@routerate.app
You have the right to lodge a complaint with the Data Protection Commission (Ireland) at dataprotection.ie if you believe we have not handled your data appropriately.