Privacy Policy

1. Introduction

Routely LLC (“Routely,” “we,” “us,” or “our”) is a Florida limited liability company operating a same-day medical courier service. This Privacy Policy describes how we collect, use, disclose, and protect information about you when you use our website at routelypro.com (the “Site”), our mobile applications, and our courier services (collectively, the “Services”).

By using our Services, you agree to the collection and use of information in accordance with this Policy. If you do not agree with any part of this Policy, please do not use our Services.

This Policy does not apply to Protected Health Information (“PHI”) governed by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and its implementing regulations. PHI handling is governed by our HIPAA Notice of Privacy Practices, available separately at /hipaa-notice.

2. Information We Collect

2.1 Information You Provide Directly

We collect information you voluntarily provide when you:

• Register for an account (name, email address, phone number, business name, address)
• Request a pickup or delivery (pickup/delivery addresses, contact names, delivery instructions)
• Apply to become a Routely driver (full legal name, Social Security Number for background check, driver's license, vehicle information, banking details for payment)
• Contact our customer support team
• Subscribe to our communications
• Complete surveys or feedback forms

2.2 Information We Collect Automatically

When you use our Site or Services, we automatically collect:

• Log data (IP address, browser type, browser version, pages visited, time and date of visit, time spent on pages, referring URLs)
• Device identifiers and operating system information
• Location data (with your permission, for drivers and for delivery tracking)
• Usage data about how you interact with our Services
• Cookies and similar tracking technologies (see Section 7)

2.3 Information from Third Parties

We may receive information about you from third-party sources such as identity verification services, background check providers (for drivers), payment processors, and publicly available databases. We combine this information with data we collect directly from you.

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, and improve our Services
• Process and fulfill delivery orders and route assignments
• Verify your identity and conduct background checks for drivers
• Communicate with you about orders, account activity, and service updates
• Process payments and prevent fraudulent transactions
• Generate delivery tracking and proof-of-delivery documentation
• Comply with legal and regulatory obligations, including HIPAA
• Enforce our Terms of Service and protect the rights and safety of Routely, our clients, and the public
• Conduct analytics to understand usage patterns and improve our platform
• Send marketing communications where you have consented (you may opt out at any time)
• Respond to your inquiries and provide customer support

4. HIPAA and Protected Health Information

Routely acts as a Business Associate under HIPAA when providing services to Covered Entities (healthcare providers, health plans, and healthcare clearinghouses). In this capacity, we may handle Protected Health Information (“PHI”) on behalf of our healthcare clients.

Our handling of PHI is governed by our executed Business Associate Agreements and our HIPAA Notice of Privacy Practices. We implement physical, technical, and administrative safeguards required by the HIPAA Security Rule to protect electronic PHI.

If you are a patient whose information has been handled by Routely in the course of a healthcare delivery, please contact the covered entity (your healthcare provider) directly for questions about how your PHI was used. You may also review our HIPAA Notice of Privacy Practices at /hipaa-notice.

5. Disclosure of Your Information

We may share your information with:

5.1 Service Providers

Third-party vendors who assist us in operating our business, including cloud hosting providers, payment processors, background check services, communication platforms, and analytics providers. These providers are contractually bound to protect your information and use it only for the purposes for which it was shared.

5.2 Business Clients

When a healthcare provider, pharmacy, or other business engages Routely, we share delivery information with that client as necessary to fulfill the service, including pickup/delivery confirmations and proof-of-delivery documentation.

5.3 Legal Requirements

We may disclose your information when required by law, court order, subpoena, or regulatory requirement, or when we believe in good faith that disclosure is necessary to protect the rights, property, or safety of Routely, our users, or the public.

5.4 Business Transfers

In connection with a merger, acquisition, asset sale, or reorganization of Routely, your information may be transferred to the successor entity, subject to the same privacy protections described in this Policy.

6. Data Retention

We retain your personal information for as long as necessary to provide our Services, comply with our legal obligations, resolve disputes, and enforce our agreements. Specific retention periods are:

• Account information: Retained for the life of your account plus 3 years after account closure
• Delivery records: Retained for 7 years to support chain-of-custody documentation and legal requirements
• Driver records: Retained for 7 years following separation from Routely as required by employment and tax laws
• Financial transaction records: Retained for 7 years as required by Florida and federal tax laws
• PHI in delivery records: Retained in accordance with applicable HIPAA requirements and executed BAAs, generally a minimum of 6 years
• Marketing data: Retained until you opt out or withdraw consent

7. Cookies and Tracking Technologies

We use cookies, web beacons, and similar tracking technologies to collect information about your interactions with our Site. Cookies are small data files stored on your device that help us improve your experience and understand how our Site is used.

We use the following types of cookies:

• Strictly Necessary Cookies: Required for the operation of our Site, including authentication and security functions. These cannot be disabled.
• Functional Cookies: Remember your preferences and settings to improve your experience.
• Analytics Cookies: Help us understand how visitors interact with our Site (e.g., Google Analytics). We anonymize IP addresses where possible.
• Marketing Cookies: Used to deliver relevant advertisements. Only used with your explicit consent.

You can control cookies through your browser settings. Disabling certain cookies may affect the functionality of our Site. For more information, visit aboutcookies.org.

8. Your Rights Under Florida and California Law

8.1 Florida Information Protection Act (FIPA)

Under Florida Statute § 501.171, if a breach of security involving personal information occurs, Routely will notify affected Florida residents within 30 days of determination of the breach, as required by law. Notifications will be provided via email, written notice, or through prominent posting on our Site.

8.2 California Consumer Privacy Act (CCPA) / CPRA

To the extent the CCPA/CPRA applies to our processing of your personal information, California residents have the right to:

• Know what personal information we collect, use, disclose, and sell
• Delete personal information we hold about you (subject to exceptions)
• Opt out of the “sale” or “sharing” of personal information (we do not sell personal information)
• Correct inaccurate personal information
• Limit the use of sensitive personal information
• Non-discrimination for exercising CCPA rights

To exercise these rights, contact us at privacy@routelypro.com. We will respond within 45 days as required by law.

9. Data Security

We implement industry-standard technical, administrative, and physical safeguards to protect your personal information from unauthorized access, use, alteration, or destruction. These measures include:

• TLS/SSL encryption for data in transit
• Encryption of sensitive data at rest
• Access controls and role-based permissions
• Regular security assessments and penetration testing
• Employee training on data security and HIPAA
• Incident response procedures

No method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

10. Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you believe we have inadvertently collected such information, please contact us immediately at privacy@routelypro.com and we will take steps to delete it promptly.

11. Third-Party Links

Our Site may contain links to third-party websites. These sites have their own privacy policies, and we are not responsible for their practices. We encourage you to review the privacy policy of any third-party site you visit.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated Policy on our Site with a revised “Last Updated” date and, where required by law, by sending you a direct notification. Your continued use of our Services after any changes constitutes your acceptance of the updated Policy.

13. Contact Us

For questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact: