Privacy Policy - Hip for Business | Hip | Love Your Commute

Privacy Policy – Hip for Business

Last modified: 9/21/2020
Hip Mobility, Inc. Corporate Offering Business Privacy Policy
I. Introduction
The Hip for Business mobile applications and software platform is used to manage commute rides for corporate employees (“Hip For Business”). To enable these Hip For Business applications, websites and software platform (the “Services”), Hip and its affiliates and subsidiaries (collectively, “Hip”) collect and use certain information about our Users (defined below) including without limitation, when they use or communicate with us regarding our Services. This business privacy policy (the “Business Privacy Policy”) describes the personal data we collect from Users of Services in connection with Hip For Business, how this data is used and shared, and Users’ choices regarding this data. This Business Privacy Policy shall apply to only Users (as defined herein below) of Hip For Business and shall supersede the commercial user Privacy Policy (the “Privacy Policy”) with respect to the Users (as defined below) and any and all prior business privacy policies, if any. This Business Privacy Policy is incorporated by reference into the Hip Mobility, Inc. Terms of Use and any reference to the “Privacy Policy” in the Terms of Use shall include the commercial user Privacy Policy and this Business Privacy Policy, as applicable to such Hip commercial users or Users (as defined herein).
By accessing and using the Services, you consent to our collection, storage, use and disclosure of your personal information and other information as described in this Business Privacy Policy.
II. Overview
A. Scope and application
This Business Privacy Policy applies to all Users of Hip For Business rides apps, websites, features, or other services anywhere in the United States. This Business Privacy Policy specifically applies to the following User groups of Hip For Business:
● Businesses - A corporation or organization which enters into a Hip For Business contract with Hip, either directly or where Hip is the third-party software service for the Business’ contracted transportation provider.
● Business Riders (hereinafter referred to as “Riders”) - Employee of a Business, who is the end-user of the Hip mobile app and a customer of the transportation Services
● Business Managers (hereinafter referred to as “Managers”) - Specific employees of a Business designated to manage the Hip For Business program for the Business, thus provided access to additional software and/or websites for this purpose.
Collectively, those subject to this Business Privacy Policy are referred to as “User” or “Users” in this Business Privacy Policy and, unless otherwise noted, this Business Privacy Policy applies to all Users in these three groups.
The practices described in this Business Privacy Policy are subject to applicable laws in the places in which we operate. This means that we engage in the practices described in this Business Privacy Policy in a particular country or region only if permitted under the laws of those places.

III. Data collections and uses
A. The data we collect
Hip collects:
● Data provided by Users to Hip, such as during account creation
● Data created during use of our Services, such as location, app usage, and device data
● Data from other sources, such as Hip corporate partners and third parties that use Hip’s APIs
The following data is collected by or on behalf of Hip:
1. Data provided by Riders and Business Managers. This includes:
● a) User profile: We collect data when Users create, modify, or log in to their account; when they request support from or otherwise communicate with us. This may include their name, email address, phone number, payment information, pick up and drop off locations and other information they choose to provide.
● c) Data submitted through communications with Hip: We collect the information Users submit when they contact Hip customer support, or otherwise contact Hip. This may include feedback, photographs, or other recordings collected by Users.
2. Data provided by Businesses. This includes, without limitation:
● Employee data: Businesses may share data, either aggregated or individualized, about its employees as is necessary to generate a price quote, plan and/or carry out employee transportation Services. This data may include without limitation: employee home address and/or zip code, employee name, business email address, employee ID number.
● Business information: Businesses may share data about their physical footprint, such as office locations and addresses, corporate campus layouts, shift start and end times or other information which is necessary for planning and/or carrying out transportation Services.
3. Data created during use of our Services. This includes, without limitation:
● Location data: The User experience is enhanced by certain features that require sharing precise or approximate location data from Riders’ mobile devices, such as showing a vehicle’s real-time location in relation to the Rider. However, Hip For Business Services do not require sharing such data. . We only use such data where Users have granted us permission to do so through the permission system used by their mobile device. Hip collects this data when the app is running in the foreground (app open and on-screen) or background (app open but not on-screen) of their mobile device.
● Transaction information: We collect transaction information related to the use of our Services, including the date and time the service was provided, payment amounts, and other related transaction details.
● Usage data: We collect data about how Users interact with our Services (including analytics that we or third parties conduct for the purpose of improving our Services). This includes data such as access dates and times, app features and/or pages viewed, app crashes and other system activity, type of browser, and third-party sites or Services used before interacting with our Services. In some cases, we collect this data through cookies, pixels, tags, and similar tracking technologies that create and maintain unique identifiers.
● Device data: We may collect data about the devices used to access our Services, including the hardware models, device IP address, operating systems and versions, software and file names and versions, preferred language, unique device identifiers, serial numbers, device motion data, and mobile network data.
4. Data from other sources.
In addition to the above, we may collect additional data from other sources, including without limitation:
● If Users engage with a separate app or website that uses our API (or whose API we use), we may receive information about them or their connections from that site or app.
● If Users also interact with other Hip products and Services, for instance to request or provide Services through other Hip apps, we may combine or associate that information with information we have collected from them in their capacity as a User.
Hip may combine the data collected from these sources with other data in its possession.
B. How we use personal data
Hip collects and uses data to facilitate reliable commuter or other transportation Services for Businesses and their employees. We also may use the data we collect:
● To enhance the safety and security of our Users and Services;
● For customer support; and
● In connection with governmental or legal proceedings.
Hip does not sell or share Hip For Business User data with third parties for marketing purposes.
Hip uses the data it collects for purposes including, without limitation:
1. Providing Services and features. Hip uses the data we collect to provide, personalize, maintain, and improve our products and Services. This includes without limitation using the data to:
● Create and update Users’ accounts;
● Track and record relevant service information, such as a Riders’ boarding status, booked vehicle capacity, real-time vehicle capacity;
● Send communications to other Users of the Services, such as Managers, regarding the current status of Services;
● Personalize and improve the Services, including to develop new features;
● Improve the quality and safety of the Services and perform internal operations;
● Facilitate payments for the Services; and
● Perform internal operations necessary to provide our Services, including to troubleshoot software bugs and operational problems; to conduct data analysis, testing, and research; and to monitor and analyze usage and activity trends.

2. Safety and security. We use personal data to help maintain the safety, security, and integrity of our Services and Users. This includes without limitation:
● Using device, location, profile to ensure the safety of Services, including restricting vehicle access only to authorized Users, maintaining passenger manifests, contact tracing logs, and any other safety features developed by Hip and/or requested by a Business as part of their Scope of Services;
● Authenticating Users;
● Developing safety features;
● Prevent and identify fraud and other unlawful activity; and
● Comply with and enforce applicable legal requirements, relevant industry standards and our policies.
3. Customer support. Hip uses the information we collect (including recordings of customer support calls with Business Privacy Policy to and the consent of the User) to provide customer support, including without limitation to:
● Direct questions to the appropriate customer support person;
● Investigate and address User concerns;
● Monitor and improve our customer support responses and processes; and
● Improve our product User experience and features.
4. Research and development. We may use the data we collect for testing, research, analysis, product development, and machine learning to improve the User experience. This helps us to improve and enhance the safety and security of our Services, improve our ability to prevent the use of our Services for illegal or improper purposes, develop new features and products, and facilitate finance solutions in connection with our Services.
● 1) Non-marketing communications. Hip may use the data we collect to generate and provide Users with receipts; inform them of changes to our terms, Services, or policies; or send other communications that aren’t for the purpose of marketing the Services or products of Hip or its partners.
● 2) Legal proceedings and requirements. We may use the personal data we collect to investigate or address claims or disputes relating to use of Hip Services, or as otherwise allowed by applicable law, or as requested by regulators, government entities, and official inquiries.

C. Cookies and third-party technologies
Hip uses cookies and other identification technologies on our apps, websites, emails, and online ads for purposes described in this Business Privacy Policy.
Cookies are small text files that are stored on browsers or devices by websites, apps, online media. Hip uses cookies and similar technologies in the Hip For Business platform for purposes such as:
● Authenticating Users;
● Remembering User preferences and settings; and
● Analyzing Hip For Business platform usage trends and patterns.
We may also allow others to provide audience measurement and analytics Services for us, and to track and report on the usage of Hip For Business platform elements. These entities may use cookies, web beacons, SDKs, and other technologies to identify the devices used by visitors to our websites, as well as when they visit other online sites and Services.

D. Data sharing and disclosure
Some of Hip’s products, Services, and features require that we share data with other Users or at a User’s request. We may also share data with our affiliates, subsidiaries, and partners, for legal reasons or in connection with claims or disputes.
Hip may share the data we collect:
1. With other Users or third parties
This includes without limitation, sharing data:
• About Riders’ usage with their Business and associated Managers. We share certain information about Riders’ use of the Services, such as frequency of usage, or feedback about the Services with the Affiliated Partner to help them understand the value of Hip For Business. If a Business pays for Riders’ transportation either partially or in whole, we are obligated to share specific information about your trip with your employer for tax and payroll purposes.
• About Businesses, Business Riders and their locations with transportation providers as needed to complete Services. We share information about Businesses, such as workplace addresses, grounds access instructions, and building entry points, with our partner transportation providers as needed to provide transportation Services.
2. At Users’ request
We will share Users’ data upon their request in connection with Services or features that require data sharing.
3. With the general public
Questions or comments from Users submitted through public forums, such as blogs and social media pages, may be viewable by the public, including any personal data included in the questions or comments submitted by a User, or other features of the Services that are viewable by the general public.
4. With Hip affiliates and third parties
We share data with Hip affiliates to help us provide our Services or conduct data processing on our behalf, or for data centralization and/or logistics purposes. We also share data with third parties with whom Users choose to let us share data, for example other apps or websites that integrate with our API or Services, or those with an API or service with which we integrate.
5. With Hip service providers and business partners
Hip may provide data to vendors, consultants, and other service providers or business partners, in the course of providing Services. These include without limitation:
● Transportation providers;
● Payment processors and facilitators;
● Cloud storage providers;
● Customer communication & support platform providers, including social media-based customer support Services;
● Data analytics providers;
● Vendors that assist Hip to enhance the safety and security of its apps and Services; and
● Consultants, lawyers, accountants, and other professional service providers.
6. For legal reasons in the event of a dispute
Hip may share Users’ personal data if we believe it’s required by applicable law, regulation, operating license or agreement, legal process or governmental request, or where the disclosure is otherwise appropriate due to safety or similar concerns.
This includes sharing personal data with law enforcement officials, public health officials, other government authorities, or other third parties as necessary to enforce our Terms and Conditions, User agreements, or other policies; to protect Hip rights or property or the rights, safety, or property of others; or in the event of a claim or dispute relating to the use of our Services. In addition, where a User uses another person’s credit card, we may be required by law to share that User’s personal data with the owner of that credit card.
This also includes sharing personal data with others in connection with, or during negotiations of, any merger, sale of company assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or into another company.
7. With consent
Hip may share a User’s personal data other than as described in the Privacy Policy or this Business Privacy Policy, if we notify the User and they consent to the sharing.
E. Data retention and deletion
Hip retains User profile, transaction, and other personal data for as long as a User maintains their Hip account and if longer, as long as required by applicable law.
Hip retains transaction, location, usage, and other information for as long as necessary, such as in connection with regulatory, tax, insurance, or other requirements in the places where it operates.
Users may request deletion of their accounts at any time. Following such request, Hip deletes the data it is not required, or has no legitimate business purpose, to retain and restricts access to or use of remaining information it does retain.
Hip retains User profile and transaction information for as long as a User maintains their Hip account.
Hip retains location data of Hip For Business Riders for 30 days, unless longer retention is required by law.
Hip retains device, and usage data for as long as necessary to provide Services and comply with applicable regulatory, tax, insurance, litigation, and other legal requirements. Hip may also use such information for purposes of safety, security, fraud prevention and detection, and research and development for as long as it retains such information.
Upon termination of a service agreement with a Business customer, Hip will delete User data of all associated Business Riders within 30 days, unless there is outstanding personal credit on a Rider account, or there is a legal reason for longer retention.
Users may request the deletion of their account by emailing support@ridehip.com. Following such request, Hip deletes the data that it is not required to retain for purposes of regulatory, tax, insurance, litigation, or other legal requirements. In certain circumstances, Hip may be unable to delete a User’s account, such as if there is an outstanding credit on the account or an unresolved claim or dispute. Upon resolution of the issue preventing deletion, Hip will delete the account as described above.
Hip may also retain certain information if necessary for purposes of safety, security, and fraud prevention. For example, if we deactivate a User’s account because of unsafe behavior or security incidents, we may retain certain information about that account to prevent that User from opening a new Hip account in the future.
F. Grounds for processing
We only collect and use personal data where we have lawful grounds to do so. These include processing User personal data to provide requested Services and features, for purposes of Hip’s legitimate interests or those of other parties, to fulfill our legal obligations, or based on consent.
We collect and use personal data only where we have one or more lawful grounds for doing so. Such grounds may vary depending on where our Users are located, but generally include processing personal data:
1. To provide requested Services and features
In order to provide our Services, we must collect and use certain personal data. This includes without limitation:
● User profile data, which we use to establish and maintain User accounts; verify User identity; communicate with Users about their booked trips, and accounts; and enable Users to make payments;
● Location data, which is used to show a User’s location relative to a vehicle or pick-up stop;
● Usage data, which is necessary to maintain, optimize, and enhance Hip Services;
● Transaction information; and
● Information relating to customer support.
2. For purposes of the legitimate interests of Hip or other parties
Hip collects and uses personal data for purposes of the legitimate interests of Hip or other parties. This includes using personal data to maintain and enhance our Users’ safety and security. For example, we use personal data to prevent use of our Services by Users who have engaged in inappropriate or dangerous behavior, such as by retaining data of banned Users to prevent their use of Hip apps.
This also includes purposes such as combating fraud; improving our Services, direct marketing, machine learning, and research and development; and enforcing Hip Terms and Conditions.

In addition, it includes using personal data to the extent necessary for the interests of other people or the general public, such as in connection with legal or insurance claims, and to protect the rights and safety of others.
3. To fulfill Hip legal obligations
Hip is subject to the laws and regulations in the jurisdictions in which it operates that may require it to collect, process, retain, and disclose Users’ personal data. We collect and use personal data to comply with such laws.
Hip may also share data with law enforcement regarding criminal acts or threats to public safety, or requests by third parties pursuant to legal processes.
4. With consent
Hip may collect and use personal data based on the User’s consent. For example, we may collect personal data through voluntary surveys.

Users may revoke such consent at any time. However, they will not be able to use any service or feature that requires collection or use of that personal data.
IV. Choice and transparency
Hip enables Users to access and control the data that it collects, including without limitation, through:
● In-app settings; and
● Device permissions.
Hip also enables Users to request access to or copies of their data, changes or updates to their accounts, deletion of their accounts, or that Hip restrict its processing of User personal data.
1. Device permissions
Most mobile device platforms (iOS, Android, etc.) have defined certain types of device data that apps cannot access without the device owner’s permission, and these platforms have different methods for how that permission can be obtained. iOS devices notify Users the first time the Hip Mobility, Inc. app requests permission to access certain types of data and gives Users the option to grant or refuse permission. Android devices notify Users of the permissions that the Hip Mobility, Inc. app seeks before their first use of the app, and use of the app constitutes a grant of such permission.
● Location data
We request permission for our app's collection of precise location from a User’s device (whether their own device or otherwise) per the permission system used by their mobile operating system. If they initially permit the collection of this data, they can later disable it by changing the location settings on their mobile device. However, disabling collection of precise location from their device will not limit our ability to derive an approximate location from their IP address to personalize the content of the websites and/or app.
● Important information about device permissions
The permissions requested by the Hip app include permission to collect Users’ location data for the purposes described above. This permission enables Hip Mobility, Inc. to collect this data when the Hip Mobility, Inc. app is running in the foreground (app open and on-screen) or background (app open but not on-screen) of their mobile device.
Please take the following steps to disable the Hip Mobility, Inc. app's ability to collect precise location data:
On iOS
Settings → Privacy → Location Services →Hip. → choose Never
On Android
Settings → Apps → Permission manager → Location → Hip → choose Deny
On Android Lollipop (5.1) and earlier
Settings → Location → toggle Off
● Notifications: account and updates
Hip Mobility, Inc. provides Users with notifications and updates related to activity on their account and booked loads. These notifications are a necessary part of using the Hip Mobility, Inc. app and cannot be disabled. Deactivation of location services, may inhibit the ability of the Hip Services to function properly.
● Notifications: potential loads and news
Users may enable Hip Mobility, Inc. to send push notifications about potential loads and news from Hip Mobility, Inc. Push notifications may be enabled or disabled through Settings on iOS or Android.
2. User data requests
Hip Mobility, Inc. provides Users with a variety of ways to learn about, control, and submit requests, questions, and comments about Hip Mobility, Inc.’s handling of their data. Users may submit these by email to support@ridehip.com.
• Accessing data: Users can ask for an explanation of the data we collect from them and how we use it.
● Receiving data: Users can ask for a copy of data that Hip Mobility, Inc. has collected from them with their consent or as necessary to provide our Services.
● Changing or updating data: Users can ask that Hip Mobility, Inc. change or update their data, including if they believe such data is inaccurate or incomplete.
● Deleting data: Users may request deletion of their account at any time by emailing support@ridehip.com
● Objections, restrictions, and complaints: Users may request that we stop using all or some of their personal data, or that we limit our use of their data. Hip Mobility, Inc. may continue to process data after such objection or request to the extent required or permitted by law.

Questions, comments, or complaints may also be submitted to Hip Mobility, Inc.’s Support here.
V. Updates to this Business Privacy Policy
We reserve the right to change, modify, add or remove portions of this Business Privacy Policy at any time and without prior notice, and any changes will become effective immediately upon being posted, unless we advise you otherwise. We may occasionally update this Business Privacy Policy. Use of our Services after an update constitutes consent to the updated Business Privacy Policy to the extent permitted by law.
If we make significant changes, we may notify Users in advance of the changes through the Hip applications or through other means, such as email. We encourage Users to periodically review this Business Privacy Policy and the Privacy Policy for the latest information on our privacy practices.