Legal

Privacy Policy

Last updated: May 23, 2026 · GI Transport LLC

1. Who We Are

GILoad is a fleet and dispatch management platform operated by GI Transport LLC ("we," "us," or "our"). Our platform helps trucking companies manage drivers, loads, payroll, and compliance documents through our web application and mobile apps for iOS and Android.

If you have questions about this policy, contact us via WhatsApp at +1 725 261 3118.

2. Information We Collect

We collect information you provide directly when registering or using our platform:

2.1 Company Information

Company name, USDOT number, MC number, EIN, address, phone, and email.

2.2 User Information

Name, email address, username, password (encrypted), role within your company, and profile information.

2.3 Driver Information (sensitive)

• Identity: Full legal name, date of birth, address, phone, email
• CDL details: License number, issuing state, expiration date, endorsements
• Tax information: Social Security Number (SSN) for 1099 reporting (encrypted at rest)
• Medical certification: Medical exam expiration date and document images
• Payment details: Payment type (Owner Operator, Company Driver, Percentage), pay rates, and history
• Documents: Uploaded images of CDL, medical card, insurance, and other compliance documents

2.4 Load and Financial Data

Load details, rate confirmation PDFs, broker information, pickup/delivery locations and times, pay stubs, expenses, deductions, and audit logs.

2.5 Payment Information

Billing is processed through Stripe. We do not store credit card numbers on our servers. Only the last 4 digits and card type are retained for display purposes.

2.6 Mobile App Data

When you use our mobile apps, we collect:

• Device push notification tokens (Apple APNs or Google FCM identifiers) to deliver push notifications. These are stored encrypted and deleted upon logout or app uninstall.
• Device platform information (iOS or Android, app version) for diagnostics and compatibility.
• Photos uploaded by the user through the camera or photo library when uploading documents (POD, BOL, receipts). We do not access photos without explicit user action.
• Location — while-in-use (opt-in): When a driver taps actions such as "Arrived at Pickup", "Arrived at Delivery", or submits a Home Time request, the device's current GPS coordinates (latitude/longitude) are captured to timestamp the event and (in the case of Home Time) compute the route distance from the driver's current location. Coordinates are stored linked to the load or home-time request and never sold.
• Location — background route tracking (opt-in, only while a load is in transit): After a separate prominent disclosure and only if the driver grants "Always / Allow all the time" permission, GILoad records the truck's location while a load is in transit (it starts when the driver picks up and automatically stops when the load is delivered), including when the app is in the background or closed. This is used solely to (a) show dispatch the truck's real route on the map, (b) match weather alerts to the actual route, and (c) calculate paid mileage accurately. A persistent notification is shown the entire time tracking is active. It never runs when the driver has no active in-transit load. Location is never sold, never used for advertising, and never shared with third parties.
• In-app activity such as login events and status updates (for audit log purposes).

We do not collect:

• Background location outside of an active trip. Background location is collected ONLY while a load is in transit and ONLY if the driver opted in; it stops automatically on delivery. We never track location when there is no active in-transit load, and never for advertising, geofencing of personal time, or profiling.
• Contacts, calendar, microphone, or other unrelated device data
• Browsing data outside the app

2.7 Gmail OAuth tokens (optional)

ONLY if you choose to connect your company's Gmail account to send paystubs/1099 to your drivers from your own email. Storage is encrypted. We do not read your inbox. This is an optional feature — paystubs can also be sent via our standard email service (AWS SES) without connecting Gmail.

3. How We Use Your Information

• To provide and operate the GILoad platform and mobile apps
• To process subscription payments via Stripe
• To send paystubs and documents to drivers via our email service (AWS SES) or your connected Gmail account (if you chose that option)
• To deliver push notifications about loads, status updates, paystubs, document expirations, and other events
• To notify you about trial expiration, subscription status, and document compliance alerts
• To process AI-powered OCR on uploaded rate confirmation PDFs (see Section 6)
• To maintain audit logs for security and compliance
• To improve and maintain our services
• To comply with legal obligations (e.g., tax reporting, court orders)

4. Data Isolation & Multi-Tenancy

GILoad is a multi-tenant platform. Each company's data is strictly isolated — your drivers, loads, pay stubs, and documents are only visible to authorized users within your company. No other company can access your data.

5. Data Sharing

We do not sell your data. We share data only with the following third parties as necessary to operate the service:

5.1 Stripe (payments)

For payment processing. Subject to Stripe's Privacy Policy.

5.2 Amazon Web Services (email infrastructure and storage)

• AWS SES: We use Amazon Simple Email Service to deliver transactional emails such as account confirmations, password resets, invitations, and system notifications. Emails are sent from giload.app addresses (e.g., noreply@giload.app, payroll@giload.app).
• AWS S3: We store uploaded files (Rate Confirmation PDFs, driver documents, POD/BOL photos) in Amazon S3 with encryption at rest.

Subject to AWS Privacy Policy.

5.3 Google (optional Gmail integration for paystubs)

This integration is OPTIONAL. If you choose to connect your company's Gmail account, GILoad will use it to send paystubs and 1099 forms to your drivers under your company name (instead of from GILoad). We store OAuth tokens encrypted. You may disconnect at any time. If not connected, paystubs are sent via AWS SES from payroll@giload.app. Subject to Google's Privacy Policy.

5.4 OpenAI (AI/OCR processing)

Rate Confirmation PDFs uploaded to GILoad are sent to OpenAI (GPT-5 mini, with GPT-4.1 mini as fallback) for OCR analysis to automatically extract structured data. Per OpenAI's API terms, data submitted via the API is not used to train models and is retained only as needed to provide and improve the service (typically up to 30 days for abuse monitoring, then deleted). Subject to OpenAI's Privacy Policy.

5.5 Anthropic (AI Help Assistant)

The in-app GILoad AI assistant (chat, load analysis, suggestions) is powered by Anthropic Claude. When you interact with the assistant, your message and the conversation context (last ~10 turns) are sent to Anthropic for inference. Per Anthropic's API terms, this data is not used to train AI models. Anthropic's default API retention is up to 30 days for abuse monitoring. We do not send sensitive driver PII (SSN, DL number) to Anthropic — only operational context (load metadata, fleet metrics, your written question). Subject to Anthropic's Privacy Policy.

5.6 Apple and Google (push notifications)

Push notification messages are routed through Apple Push Notification Service (APNs) for iOS devices and Google Firebase Cloud Messaging (FCM) for Android devices. We do not share user data with Apple or Google beyond the notification content and device tokens necessary to deliver messages.

5.7 Google Maps (geocoding)

We use Google Maps APIs to geocode addresses for routing and distance calculations. No personally identifiable information is shared in these requests. Subject to Google's Privacy Policy.

5.8 Legal requirements

We may disclose data if required by law, subpoena, or to protect our rights and the safety of users.

6. AI-Powered OCR Processing

GILoad uses artificial intelligence (GPT models by OpenAI) to extract structured data from Rate Confirmation PDFs. Here is how this works:

• When you upload a PDF, the file is sent to OpenAI's API for analysis
• OpenAI returns extracted fields (load number, broker, addresses, dates, miles, etc.) with confidence scores
• The PDF and extracted data are stored on our servers under your company account
• OpenAI does not use your API data to train models and retains it only as needed for abuse monitoring (typically up to 30 days, then deleted)

You may disable AI processing by using manual data entry instead of PDF upload. AI extraction may not be 100% accurate; always verify before saving.

7. Data Retention & Account Deletion

You may request deletion of your account at any time, free of charge, directly from the mobile app (Settings → Delete Account) or by contacting us. Upon a deletion request:

• Mobile push notification tokens and active session/refresh tokens are revoked immediately.
• Your account enters a 30-day grace period during which you may cancel the deletion. During the grace period, login is permitted with limited functionality (read-only access to your history) so you can reverse the request.
• After the grace period, your personally identifiable information (name, email, phone, tax ID, social security number, address) is permanently anonymized in our database.
• Operational records linked to your account (loads, paystubs, 1099 records, document scans tied to compliance) are retained in anonymized form to the extent legally required: IRS tax records (4 years), DOT driver qualification files (3 years from termination), and applicable state regulations.
• If you cancel your subscription without requesting account deletion, your data remains accessible until you reactivate or request deletion.

To request deletion: open the mobile app → Settings → Delete Account. Alternatively, contact us via WhatsApp at +1 725 261 3118.

8. Security

We use industry-standard security measures including:

• HTTPS encryption for all data in transit
• Encrypted database storage for sensitive fields (SSN, OAuth tokens, push tokens)
• Encryption at rest in AWS S3 for all uploaded files
• Role-based access controls to limit data visibility
• Audit logs of all critical actions
• Multi-tenant isolation at the database level
• Secure mobile app authentication via tokens (JWT)

We periodically review and update our security practices. However, no system is 100% secure.

9. Your Rights

You have the right to:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your data (subject to legal retention requirements)
• Portability: Request export of your data in a structured format
• Disconnect: Disconnect your Gmail account at any time from your company settings
• Revoke permissions: Revoke mobile app permissions (camera, notifications) through your device settings
• Opt out of notifications: Disable push notifications through your device settings or in-app preferences

To exercise these rights, contact us via WhatsApp at +1 725 261 3118.

9.1 California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act, including the right to know what personal information is collected, the right to delete personal information, and the right to opt-out of the sale of personal information. We do not sell personal information.

10. Children's Privacy

GILoad is not intended for use by individuals under 18 years of age. Drivers using the mobile app must hold a valid Commercial Driver's License (CDL), which requires being 21+ for interstate driving in the United States. We do not knowingly collect data from minors. If we become aware of such data, we will delete it promptly.

11. Cookies and Tracking

We use session cookies to keep you logged in to the web platform. We do not use tracking, advertising, or analytics cookies. Mobile apps do not use cookies but maintain authentication state via secure tokens.

12. Mobile App Data Practices

In compliance with Apple App Store and Google Play Store policies:

• Data linked to your identity: Email, name, phone, user ID (used for authentication and core functionality)
• Data not linked to your identity: Crash logs, device platform info (used for diagnostics)
• Location: GPS coordinates — while-in-use on arrival/home-time actions, and (opt-in) background route tracking while a load is in transit. Used for app functionality only; never for advertising.
• Data NOT collected: Contacts, browsing history, advertising identifiers, microphone audio, health/fitness data. No location tracking outside of an opted-in active trip.

The GILoad mobile apps are designed with a "data minimization" principle — we only collect what is necessary to provide the service.

13. International Users

GILoad is operated from the United States. If you are located outside the United States, your data will be transferred to and stored in the United States. By using the Platform, you consent to this transfer.

14. Changes to This Policy

We may update this policy from time to time. We will notify registered users of significant changes via email and in-app notification. Continued use of the platform after changes constitutes acceptance of the updated policy.

15. Contact

For any privacy-related questions, requests, or concerns, contact GI Transport LLC via WhatsApp at +1 725 261 3118.