Privacy Policy

HealthRide — Effective Date: February 23, 2026

Last updated: February 23, 2026

1. Introduction

HealthRide ("HealthRide," "we," "us," or "our") operates the HealthRide platform, which includes the HealthRide Driver App (Android/iOS), the HealthRide Provider Portal (web application), and the HealthRide Passenger App (Android/iOS). This Privacy Policy explains how we access, collect, use, and share your information when you use any of our applications and services (collectively, the "Services").

By using our Services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this policy, please do not use our Services.

We do not sell your personal data. We only collect information necessary to provide our non-emergency medical transportation (NEMT) services.

2. Scope of This Policy

This Privacy Policy applies to the following HealthRide products and services:

  • HealthRide Driver App — A mobile application for NEMT drivers to receive trip assignments, navigate to pickups and drop-offs, track trips in real time, and manage their schedule.
  • HealthRide Provider Portal — A web-based dashboard for NEMT provider companies to manage fleet dispatching, billing, driver management, and trip coordination.
  • HealthRide Passenger App — A mobile application for NEMT passengers to book rides, track their driver in real time, and manage their transportation appointments.

3. Information We Collect

3.1 HealthRide Driver App

When you use the HealthRide Driver App, we may access or collect the following information:

  • Account Information: Email address and password used to sign in to your driver account via our authentication system.
  • Profile Information: Your name, phone number, and profile photo as provided by your NEMT provider employer.
  • Device Location: Precise GPS location used for live trip tracking and navigation while the app is in use. See Section 4: Location Data for comprehensive details.
  • Trip Data: Pickup and drop-off addresses, trip status updates, timestamps of trip events (arrival, pickup, drop-off), and passenger information associated with assigned trips.
  • Vehicle Information: Vehicle name, type, and assignment details as configured by your provider.
  • Push Notification Tokens: Device tokens used to deliver trip notifications, schedule updates, and alerts.

3.2 HealthRide Provider Portal

When you use the HealthRide Provider Portal, we may collect:

  • Account Information: Business name, administrator email address, and password.
  • Business Information: Company name, address, phone number, and NEMT licensing details.
  • Fleet Data: Driver profiles, vehicle information, and scheduling data.
  • Trip & Billing Data: Trip records, invoices, mileage logs, and payment information.

3.3 HealthRide Passenger App

When you use the HealthRide Passenger App, we may collect:

  • Account Information: Name, email address, phone number, and password.
  • Ride Information: Pickup and drop-off addresses, appointment times, and ride preferences.
  • Device Location: Approximate location for ride booking and driver tracking purposes.

4. Location Data — Detailed Disclosure

📍 Important: Location Data Usage

The HealthRide Driver App accesses precise location data while the app is in use to enable live trip tracking and navigation. This section explains what location data is accessed, why, and how it is used.

4.1 What Location Data We Collect

The HealthRide Driver App accesses and collects the following location data:

  • Precise (Fine) Location: GPS-based latitude and longitude coordinates used during active trips for navigation and live tracking.
  • Approximate (Coarse) Location: Network-based location as a fallback when GPS is unavailable.

4.2 Why We Collect Location Data

Location data is collected from the Driver App exclusively for the following purposes:

  • Live Trip Tracking: To provide real-time driver location to dispatchers and passengers during active NEMT trips, ensuring safe and timely transportation.
  • Navigation & Routing: To provide turn-by-turn navigation to pickup and drop-off locations.
  • Trip Verification: To verify that pickups and drop-offs occurred at the correct locations, as required by NEMT regulations and broker compliance.
  • Estimated Time of Arrival (ETA): To calculate and display accurate arrival times to passengers and dispatchers.
  • Mileage Tracking: To automatically calculate trip distance for billing and invoicing purposes.

4.3 When Location Data Is Accessed

Location is accessed only while the app is in use:

  • Foreground: Location is accessed when the Driver App is open and visible on screen during active trips for navigation and live tracking.
  • During app switching: If the driver briefly switches to another app (e.g., a phone call or navigation app) during an active trip, the app may continue to access location to maintain uninterrupted live tracking for dispatchers and passengers. Location is never accessed when the app is fully closed.

4.4 How Location Data Is Used

We do not store permanent location histories. Location data is transmitted in real time to our servers to enable live tracking features and is associated with active trip records. Location data is used solely for the operational purposes described above and is not used for:

  • Advertising or ad targeting
  • Selling to third parties
  • Profiling or behavioral analysis
  • Any purpose unrelated to NEMT trip operations

4.5 Location Permissions

The Driver App requests the following Android permissions for location functionality:

  • ACCESS_FINE_LOCATION — For precise GPS location during trips.
  • ACCESS_COARSE_LOCATION — For approximate location as a fallback.
  • ACCESS_BACKGROUND_LOCATION — For location tracking during active trips when the app is in the background.
  • FOREGROUND_SERVICE_LOCATION — To maintain location tracking via a visible foreground notification during active trips.

You will be prompted to grant these permissions at runtime before any location data is collected. You may revoke location permissions at any time through your device's Settings, though this may affect your ability to complete trips.

5. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide and operate our Services: To facilitate NEMT trip dispatching, driver-passenger matching, navigation, and trip completion.
  • Authentication and security: To verify your identity, secure your account, and prevent unauthorized access.
  • Communication: To send trip assignments, schedule updates, push notifications, and service-related alerts.
  • Compliance: To meet NEMT regulatory requirements, including trip verification, mileage documentation, and audit trails.
  • Improvement: To analyze usage patterns (in aggregate, non-identifiable form) to improve app performance and user experience.
  • Support: To respond to your inquiries and provide customer support.

6. How We Share Your Information

We do not sell your personal information to any third party. We may share your information only in the following limited circumstances:

  • With your NEMT Provider: Drivers' trip data, location during active trips, and performance metrics are shared with the provider company that employs or contracts with the driver.
  • With Passengers: During an active trip, the driver's real-time location and ETA are shared with the passenger being transported.
  • Service Providers: We share data with trusted service providers who help us operate our platform (see Section 7: Third-Party Services). These providers are contractually obligated to use data only for the services we've engaged them to perform.
  • Legal Requirements: We may disclose information if required by law, legal process, governmental request, or to protect the rights, safety, or property of HealthRide, our users, or the public.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, user data may be transferred as part of the transaction, with prior notice to affected users.

7. Third-Party Services

Our Services use the following third-party services that may access or process your data:

Supabase

Used for user authentication (email/password sign-in) and secure cloud database storage. Supabase processes account credentials and stores trip data. Supabase Privacy Policy

Google Maps / Google Play Services

Used for map display, turn-by-turn navigation, geocoding (converting addresses to coordinates), and route optimization in the Driver App. Google may collect certain device and usage data as described in the Google Privacy Policy.

Geolocator (Flutter Package)

An open-source Flutter plugin used to access the device's GPS hardware for location data collection. This plugin operates locally on the device and does not transmit data to any third party independently. Location data collected via Geolocator is sent solely to HealthRide servers for the purposes described in this policy.

Google Fonts

Used to load the Inter typeface for UI rendering. Google Fonts may log requests as described in the Google Fonts Privacy FAQ.

We ensure that all third-party service providers are compliant with applicable data protection laws and do not sell personal user data obtained through our applications.

8. Data Security

We take reasonable and appropriate measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. Our security practices include:

  • Encryption in transit: All data transmitted between our apps and servers uses HTTPS/TLS encryption.
  • Secure authentication: User passwords are hashed and salted using industry-standard algorithms. We never store plaintext passwords.
  • Access controls: Access to user data is restricted to authorized personnel on a need-to-know basis.
  • Row Level Security (RLS): Our database employs row-level security policies to ensure users can only access data they are authorized to view.
  • Runtime permissions: The Driver App requests sensitive permissions (such as location) at runtime, giving you control over what data the app can access.

While we strive to use commercially acceptable means to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

9. Data Retention & Deletion

9.1 Retention

We retain your personal data only for as long as necessary to fulfill the purposes described in this policy:

  • Account data: Retained for as long as your account is active.
  • Trip data: Retained for up to 7 years to comply with NEMT regulatory requirements and audit obligations.
  • Location data: Real-time location data is used for active trip tracking and is associated with trip records. We do not maintain a continuous location history beyond trip records.

9.2 Account Deletion

You may request deletion of your account and associated personal data at any time by contacting us at support@healthride.app. Upon receiving a verified deletion request:

  • Your account will be permanently deleted within 30 days.
  • All personal data associated with your account will be deleted, except where retention is required by law or regulatory obligations (such as trip records required for NEMT compliance).
  • Any data retained for legal or regulatory purposes will be securely stored and not used for any other purpose.

10. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete personal data.
  • Deletion: Request deletion of your personal data, subject to legal retention requirements.
  • Portability: Request a copy of your data in a machine-readable format.
  • Withdraw Consent: Revoke previously granted permissions (such as location access) at any time through your device settings.
  • Opt-out: Opt out of non-essential communications.

To exercise any of these rights, please contact us at support@healthride.app.

11. Children's Privacy

Our Services are not directed to children under the age of 13 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at support@healthride.app, and we will take steps to delete such information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the "Effective Date" and "Last Updated" date at the top of this page. For material changes, we will provide notice through our applications or via email. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

HealthRide