Legal & Compliance

Privacy Policy

Last Updated: January 1, 2025  |  Effective Date: January 1, 2025

GDPR Compliant CCPA Compliant HIPAA Ready SOC 2 Type II
1. Introduction

DriveOnLLC ("Company," "we," "us," or "our") is committed to protecting the privacy and security of all personal information entrusted to us. This Privacy Policy describes how DriveOnLLC collects, uses, stores, shares, and protects personal information obtained through our website (driveonllc.us), our enterprise VoIP platform, and related cloud communication services.

This policy applies to all visitors, users, customers, and partners who interact with our services. By accessing or using DriveOnLLC services, you acknowledge that you have read and understood this Privacy Policy and consent to the practices described herein.

πŸ”’ Data Controller: DriveOnLLC, 667 Madison Ave, New York, NY 10065, USA. For EU/UK users, DriveOnLLC acts as both the Data Controller and Data Processor as defined under GDPR. Contact our Data Protection Officer at privacy@driveonllc.us.

2. Information We Collect

We collect various categories of information to provide, improve, and secure our enterprise VoIP and cloud communication services:

2.1 Information You Provide Directly
  • Account registration information: name, business email, company name, job title, phone number
  • Billing and payment information: credit card details, billing address (processed via PCI-compliant payment processors)
  • Contact form submissions, support tickets, and customer service communications
  • Contract information and enterprise agreement data
  • Preferences, settings, and customization choices made within the platform
2.2 Information Collected Automatically
  • Call metadata: call duration, timestamps, originating/terminating numbers (not call content unless Recording Service is enabled)
  • Log data: IP addresses, browser type, operating system, referring URLs, pages visited, time spent
  • Device information: device type, unique device identifiers, mobile network information
  • Usage analytics: feature usage patterns, navigation flows, error logs
  • Performance metrics: network latency, call quality scores, connection stability data
2.3 Information from Third Parties
  • CRM systems and business applications connected via our Integration Hub
  • Identity verification services for enterprise account security
  • Business intelligence and company profile databases for account enrichment
3. Cookies & Tracking Technologies

DriveOnLLC uses cookies and similar tracking technologies to enhance your experience on our platform and website. These technologies help us provide essential functionality, analyze usage patterns, and personalize your experience.

βœ… Strictly Necessary

Session management, authentication, security features, and load balancing. Cannot be disabled without impacting service functionality.

πŸ“Š Analytics Cookies

Google Analytics 4, Mixpanel β€” help us understand how visitors interact with our platform to improve user experience.

🎯 Functionality Cookies

Remember your preferences, language settings, dashboard configurations, and personalization choices.

You can control cookies through your browser settings or our Cookie Preference Center accessible in the website footer. Note that disabling certain cookies may affect platform functionality.

4. How We Use Your Information

DriveOnLLC uses collected information for the following legitimate business purposes:

  • Service Delivery: Providing, operating, and maintaining your DriveOnLLC enterprise VoIP and cloud communication services
  • Account Management: Managing your account, processing payments, and communicating about service updates
  • Technical Support: Diagnosing issues, troubleshooting platform problems, and providing customer support
  • Platform Improvement: Analyzing usage patterns to enhance features, performance, and user experience
  • Security & Fraud Prevention: Detecting, investigating, and preventing fraudulent transactions, abuse, and security breaches
  • Compliance: Meeting legal obligations, responding to lawful government requests, and enforcing our terms of service
  • Communications: Sending service notifications, security alerts, product updates, and (with consent) marketing communications
  • AI Analytics: If you use our AI Analytics service, call recordings and transcriptions are processed to deliver speech analytics insights
5. Data Sharing & Disclosure

DriveOnLLC does not sell, rent, or trade your personal information to third parties. We may share information in the following limited circumstances:

  • Service Providers: Trusted third-party vendors (AWS, Google Cloud, Stripe, Twilio) who assist in delivering our services under strict data processing agreements
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, personal data may be transferred subject to the same privacy protections
  • Legal Requirements: When required by law, court order, or governmental authority with appropriate legal process
  • Safety & Security: To protect the rights, property, or safety of DriveOnLLC, our users, or the public
  • Aggregated Analytics: We may share anonymized, aggregated data that cannot identify individuals for research and industry benchmarking purposes

🌍 International Transfers: Data may be processed in the United States and other countries where our service providers operate. For EU/UK customers, we utilize Standard Contractual Clauses (SCCs) approved by the European Commission to ensure adequate protection of your personal data.

6. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

πŸ” Right to Access

Request a copy of the personal data we hold about you

✏️ Right to Rectification

Correct inaccurate or incomplete personal data

πŸ—‘οΈ Right to Erasure

Request deletion of your personal data ("right to be forgotten")

β›” Right to Object

Object to processing for direct marketing purposes

πŸ“¦ Data Portability

Receive your data in a machine-readable format

⏸️ Right to Restrict

Restrict processing of your personal data in certain circumstances

To exercise any of these rights, submit a request to privacy@driveonllc.us . We will respond within 30 days. California residents have additional rights under CCPA including the right to know about data sales (we do not sell personal data) and the right to non-discrimination.

7. Security Measures

DriveOnLLC implements industry-leading security measures to protect your data against unauthorized access, disclosure, alteration, and destruction:

  • TLS 1.3 encryption for all data in transit; AES-256 encryption for data at rest
  • SRTP (Secure Real-time Transport Protocol) for all VoIP communications
  • Multi-factor authentication (MFA) requirements for all platform access
  • SOC 2 Type II certified infrastructure with annual third-party security audits
  • Zero-trust network architecture with microsegmentation
  • 24/7 Security Operations Center (SOC) monitoring for threat detection and response
  • Regular penetration testing conducted by certified security professionals
  • Employee security training and background checks for all staff handling customer data
  • GDPR Article 32 technical and organizational security measures fully implemented

In the event of a data breach, DriveOnLLC will notify affected customers within 72 hours in compliance with GDPR Article 33 requirements and applicable state breach notification laws.

8. Third-Party Services

Our platform integrates with third-party services to provide comprehensive functionality. These include:

  • Amazon Web Services (AWS): Cloud infrastructure hosting β€” AWS Privacy Policy applies
  • Google Cloud Platform: Analytics and AI services β€” Google Privacy Policy applies
  • Stripe: Payment processing β€” Stripe Privacy Policy and PCI DSS compliance apply
  • Salesforce, HubSpot, Zendesk: CRM integrations activated by customer choice
  • Twilio: PSTN carrier connectivity for voice termination
  • Google Analytics 4: Website analytics and usage tracking

Each third-party service provider is contractually obligated to protect your data and comply with applicable privacy laws. Links to their privacy policies are available in our documentation center.

πŸ“ Data Retention: We retain personal data for as long as necessary to provide services and fulfill legal obligations. Account data is retained for 7 years after account termination for tax and legal compliance. Call recordings are retained per your configured retention policy (minimum 30 days, maximum 7 years). You may request earlier deletion subject to our legal obligations.

9. Contact Information

For privacy-related inquiries, data requests, or to contact our Data Protection Officer:

Data Protection Officer

privacy@driveonllc.us

General Inquiries

info@driveonllc.us

Postal Address

667 Madison Ave
New York, NY 10065, USA

We reserve the right to update this Privacy Policy periodically to reflect changes in our practices, technology, or applicable law. Material changes will be communicated via email or a prominent notice on our platform with at least 30 days advance notice.

DriveOnLLC Support
● Online