Summary: ROYALS collects only the data needed to operate a safe technology platform. We do not sell your personal information. California residents have additional rights under CCPA. Payment card data is handled entirely by Stripe — we never see or store your full card number.
1. Who We Are
Anneshy ROYALS Inc. ("ROYALS," "we," "us," or "our") operates the ROYALS technology platform, including the ROYALS mobile application and the websites rideroyals.com and driveroyals.com (collectively, the "Service"). ROYALS is a technology company — not a transportation company. Transportation services are provided by independent drivers, not by ROYALS.
Our principal place of business is in the San Francisco Bay Area, California, USA.
Contact us at: privacy@anneshyroyals.com
2. Information We Collect
Information You Provide
- Account information: First name, last name, email address, phone number, and password when you create an account.
- Driver information: Driver's license number and expiry, vehicle make/model/year/plate, proof of insurance, vehicle registration, and background check consent.
- Profile preferences: Gender (optional), same-gender driver preference (optional), marketing opt-in choices.
- Communications: Messages you send to us through support channels.
Information Collected Automatically
- Precise location: GPS coordinates collected while the app is in use. Drivers share live location during active trips. Riders share location when requesting rides.
- Device information: Device type, operating system, app version, device identifiers.
- Trip data: Pickup and drop-off addresses, timestamps, distance, duration, and fare for each completed trip.
- Usage data: Features used, screens viewed, and actions taken within the app.
Payment Information
Payment card details are collected and stored directly by Stripe, Inc. We store only your card brand, last four digits, and expiry month/year for display purposes. We never store or process full card numbers.
Driver payouts are processed through Stripe Connect. We collect your bank account information for this purpose, which is transmitted directly to Stripe.
Information from Third Parties
- Google Maps: We use Google Maps APIs for address geocoding, route calculation, and map display.
- Twilio: We use Twilio to send SMS notifications. Your phone number is shared with Twilio for this purpose.
3. How We Use Your Information
- Match riders with available drivers and facilitate trips
- Process payments and pay drivers
- Send booking confirmations, reminders, and trip updates via SMS
- Verify driver identity and eligibility to drive
- Calculate fares and display pricing
- Maintain trip history and earnings records
- Detect and prevent fraud and safety incidents
- Respond to customer support inquiries
- Comply with legal obligations
- Send marketing communications (only if you opted in)
- Improve the platform through analytics
4. Location Data
Location data is central to how ROYALS works. Specifically:
- Riders: We collect your location when you open the app to request a ride and during active trips. We do not collect location when the app is closed or when you are not in an active session.
- Drivers: We collect your location when you are online and available. Location sharing stops when you go offline or close the app. During an active trip, your location is visible to your passenger.
You may disable location access in your device settings, but this will prevent you from using core app features.
5. Sharing Your Information
We share your information only as described below:
Between Riders and Drivers
When a trip is matched, we share the rider's first name, pickup location, and destination with the assigned driver. We share the driver's first name, vehicle description, license plate, and real-time location with the rider.
Service Providers
We share data with trusted service providers who help us operate the platform:
- Stripe — payment processing and driver payouts
- Twilio — SMS notifications
- Google — mapping and geocoding (Maps API)
- Hetzner — cloud infrastructure (server hosting in Germany, EU data protection standards)
Legal Requirements
We may disclose information if required by law, court order, or government request, or to protect the rights, property, or safety of ROYALS, our users, or the public.
Business Transfers
If ROYALS is acquired or merges with another company, your information may be transferred as part of that transaction. We will notify you before your information is subject to a different privacy policy.
We Do Not Sell Your Data
We do not sell, rent, or trade your personal information to third parties for their marketing purposes.
6. Data Retention
- Account data: Retained while your account is active. Deleted within 30 days of a verified account deletion request.
- Trip history: Retained for 3 years for financial and legal compliance purposes.
- Driver documents: Retained for 1 year after a driver's account is closed, for legal and compliance purposes.
- GPS location traces: Raw GPS data retained for 30 days, then aggregated/anonymized.
- Security logs: Retained for 12 months.
7. Your Rights and Choices
For All Users
- Access: Request a copy of the personal data we hold about you.
- Correction: Update incorrect information in your account settings.
- Deletion: Request deletion of your account and personal data. See our Data Deletion page for details.
- Marketing opt-out: Unsubscribe from marketing SMS at any time by replying STOP.
- Notification preferences: Manage push notification settings in your device settings or app preferences.
California Residents (CCPA)
California residents have the right to:
- Know what personal information is collected and how it is used
- Request deletion of personal information (subject to certain exceptions)
- Opt out of the sale of personal information (we do not sell data)
- Non-discrimination for exercising your privacy rights
To exercise these rights, contact us at privacy@anneshyroyals.com or visit our Data Deletion page.
8. Data Security
We implement industry-standard security measures including:
- Encryption of data in transit using TLS 1.2+
- Encrypted password storage (bcrypt, cost factor 12)
- Firewall protection and intrusion detection on our servers
- Rate limiting and account lockout to prevent brute-force attacks
- Access controls limiting employee access to personal data
- Regular security audits
No method of transmission or storage is 100% secure. If we experience a breach affecting your data, we will notify you as required by applicable law.
9. Children's Privacy
The ROYALS platform is not directed to children under 18. We do not knowingly collect personal information from children under 18. If you believe we have inadvertently collected information from a minor, please contact us immediately at privacy@anneshyroyals.com.
10. Push Notifications
With your permission, we send push notifications for ride requests, driver arrivals, and trip updates. You can disable push notifications at any time in your device settings.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you via the app or by email at least 30 days before the changes take effect. Continued use of the Service after that date constitutes acceptance of the updated policy.
12. Contact Us