Privacy Policy

Personal Information

We collect personal information that you provide directly to us, including:

• Name, email address, and phone number
• Company information and job title
• DOT numbers and carrier information
• CDL information and driver credentials
• Date of birth and emergency contact details (name, phone, relationship)
• Employment and qualification history, including prior employers, accident history, violation history, and driver pay type and rate
• Background-check and criminal-history results, where you authorize us or a third-party screening provider to obtain them
• Bank account and transaction information that you connect through our banking integration (via Plaid), including account balances, masked account and routing numbers, and transaction history
• Payment and billing information

Usage Information

We automatically collect information about how you use our services:

• Log data and usage patterns
• Device information and IP addresses
• Location data (with your consent)
• Precise vehicle location and telematics data from connected Electronic Logging Devices and GPS providers (such as Motive and Geotab), including latitude/longitude, speed, heading, engine status, odometer, and fuel level
• Activity and audit logs that record actions taken in your account (for example, creating or modifying loads, trucks, drivers, invoices, and logins, logouts, and data exports)
• Job board interaction data, including saved jobs, impressions, clicks, and applications
• Cookies and similar tracking technologies

If you use our Medical Courier services, you may submit or generate information that constitutes Protected Health Information ("PHI") under the Health Insurance Portability and Accountability Act ("HIPAA") — for example, recipient identity and verification details and information related to medical deliveries.

• Access to PHI is restricted by role, and PHI fields are masked from users who are not authorized to view them.
• PHI is logically segregated from general platform data and protected by role-based access controls.
• Where we handle PHI on your behalf as a "business associate," our processing is governed by a Business Associate Agreement ("BAA"), and we use and disclose PHI only as permitted by that agreement and HIPAA.
• You are responsible for ensuring you have the necessary authorizations to submit PHI to the Service and for using PHI only within the designated Medical Courier workflows.

This section is provided for transparency and does not, by itself, create a business-associate relationship; any such relationship is established only through a separate, executed BAA.

We use the information we collect to:

• Provide and improve our transportation management services
• Process transactions and manage your account
• Communicate with you about our services
• Ensure compliance with DOT and FMCSA regulations
• Provide customer support and technical assistance
• Optimize routing and dispatch and calculate estimated times of arrival and delay risk using vehicle location and telematics data
• Reconcile transactions and detect and prevent fraud using connected banking data
• Generate safety scores, coaching tasks, and risk alerts from driver and ELD/telematics data
• Analyze usage patterns to improve our platform
• Send marketing communications (with your consent)

We may share your information in the following circumstances:

• With your consent: When you explicitly agree to share information
• Service providers (sub-processors): With third-party vendors who help us operate our services. We share only the information each provider needs to perform its function on our behalf.
• Legal compliance: When required by law or to protect our rights
• Business transfers: In connection with mergers, acquisitions, or asset sales
• Safety and security: To protect the safety of our users and the public

The third-party service providers we rely on include:

• Stripe and Pica: Payment processing, subscription billing, and fraud prevention
• Supabase: Authentication and database hosting
• Plaid: Connecting your bank accounts and retrieving balances and transaction data
• Motive and Geotab: Electronic Logging Device and vehicle telematics/GPS data
• Postmark: Delivery of transactional and notification emails
• Twilio, RingCentral, and Vonage: SMS and text-message delivery. When you use Bring Your Own Messaging Service ("BYOMS"), messages are sent through the provider account you connect, and your chosen provider receives the relevant message data directly under your control.
• CorpTools: Business-formation and registered agent services (LLC/corporation filings)
• Intercom: Customer support and messaging
• Google Analytics: Website analytics and performance monitoring

We and our customers may send text (SMS) messages through the Service. These messages fall into two categories:

• Transactional messages, such as dispatch updates, delivery ETAs, and safety alerts, which support the operation of the Service; and
• Marketing messages, which are sent only where you have separately opted in.

Where required by law, we obtain your consent before sending messages. Message and data rates may apply. You can opt out of text messages at any time by replying STOP, and reply HELP for assistance. SMS notification preferences are off by default and can be managed in your account settings.

When a carrier uses Bring Your Own Messaging Service ("BYOMS"), messages are sent from the carrier's own approved messaging provider and phone number. The carrier is responsible for obtaining all required recipient consents and for complying with applicable telemarketing and messaging laws (including the Telephone Consumer Protection Act).

We implement appropriate technical and organizational measures to protect your personal information:

• Encryption of data in transit and at rest
• Credentials and API keys for connected third-party integrations are encrypted at rest and are not returned to your browser after you enter them
• Row-level security that restricts each carrier's data to that carrier and its authorized users
• Regular security assessments and updates
• Access controls and authentication measures
• Employee training on data protection practices
• Incident response and breach notification procedures

Under Texas and federal law, you have certain rights regarding your personal information:

• Access: Request access to your personal information
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your personal information
• Portability: Request a copy of your data in a portable format
• Opt-out: Unsubscribe from marketing communications

To exercise these rights, contact us at support@tl1inc.com.

We retain your personal information for as long as necessary to provide our services and comply with legal obligations. DOT and FMCSA regulations may require us to retain certain transportation records for specific periods. When we no longer need your information, we securely delete or anonymize it.

Specific categories of data may be retained on different schedules. Connected banking data is retained for as long as your account remains linked and as needed for reconciliation and recordkeeping; vehicle location history is retained to support dispatch, safety, and compliance; activity and audit logs are retained to maintain an accurate record of account activity; and Protected Health Information is retained in accordance with HIPAA and any applicable Business Associate Agreement.

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information.

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

If you have questions about this Privacy Policy or our data practices, please contact us: