BetterSuite Privacy Policy
Last updated: April 13, 2026
This Privacy Policy describes how Lume Agency ("BetterSuite," "we," "us," or "our") collects, uses, stores, and shares personal data through the BetterSuite platform and all associated applications.
1. Introduction and Scope
BetterSuite is a Software-as-a-Service (SaaS) platform that enables businesses ("Tenant Operators" or "Tenants") to operate marketplace services across multiple verticals, including taxi and ride-hailing, e-commerce and delivery, parking management, and service booking. End users ("End Users") interact with these services as customers, drivers, merchants, service providers, or parking spot providers.
This Privacy Policy applies to all users of the BetterSuite platform, including:
- Tenant Operators who subscribe to BetterSuite to run their business operations; and
- End Users who use applications powered by BetterSuite on behalf of a Tenant.
Data Controller and Processor Roles
- For Tenant Operator account data (subscription, billing, company details): BetterSuite acts as the data controller.
- For End User data processed on behalf of Tenants (customer profiles, orders, rides, transactions): BetterSuite acts as the data processor, and the Tenant Operator is the data controller.
- For platform operations data (security logs, aggregated analytics, system telemetry): BetterSuite acts as the data controller.
Tenant Operators are responsible for establishing their own privacy notices for their End Users and for ensuring they have a lawful basis to process End User data using the BetterSuite platform.
2. Definitions
- "Platform" means the BetterSuite SaaS service, including all web dashboards, mobile applications, APIs, and supporting infrastructure.
- "Tenant" or "Tenant Operator" means a business entity that subscribes to BetterSuite to operate marketplace services.
- "End User" means any individual who creates an account within a Tenant's application, including customers, drivers, merchants, service providers, and parking spot providers.
- "Personal Data" means any information relating to an identified or identifiable natural person, as defined in GDPR Article 4(1).
- "Processing" means any operation performed on Personal Data, as defined in GDPR Article 4(2).
- "Subprocessor" means a third-party service provider engaged by BetterSuite to process Personal Data on behalf of a Tenant.
- "Verticals" means the marketplace service categories available on the Platform: Taxi, Shop, Parking, and Service.
3. Information We Collect
3.1 Account Registration Data (All Users)
When you create an account, we collect:
- Email address
- Phone number (stored in E.164 international format)
- First and last name
- Gender (optional)
- Profile photo (optional)
- Primary address, including geographic coordinates (latitude/longitude)
- Country code (ISO)
3.2 Authentication and Session Data
To secure your account and manage sessions, we collect:
- Authentication method (password, Apple Sign-In, Google Sign-In)
- Device information: platform (Android, iOS, Web, macOS, Windows, Linux), user agent string
- Push notification token (Firebase Cloud Messaging)
- Session timestamps (creation, last activity)
- IP address
3.3 Tenant Operator Data
When a business subscribes to BetterSuite, we additionally collect:
- Company/business name and slug
- Administrative contact details (name, email, phone)
- Operation area (countries, cities)
- Base currency preference
- Subscription plan selection and billing cycle
- Selected verticals (Taxi, Shop, Parking, Service)
- Stripe customer identifier (for billing)
3.4 Taxi Vertical Data
Drivers: license number, license country, license expiry date, background check status, insurance expiry date, vehicle registration expiry, vehicle details (plate number, year, color, make/model), zone assignment, employment type (owner, leased, freelancer, employee), online/offline status, last seen timestamp, preferred locale, performance metrics (rides completed, cancelled, rejected; distance driven; online time; acceptance, completion, and cancellation rates; earnings; average rating).
Passengers: saved locations (home, work, favorites) with address, geographic coordinates, optional contact name, phone number, entrance details, and floor/door code. Order history including pickup and drop-off locations.
3.5 Shop Vertical Data
Merchants: business name, business registration number, tax ID, contact email, contact phone, business address, bank account reference, performance metrics (orders completed, cancelled; revenue; preparation time; average rating), verification status.
Customers: delivery addresses, order history, payment method references.
3.6 Parking Vertical Data
Parking spot providers: business name, contact details, parking lot locations (geographic coordinates), capacity information, pricing configuration, KYC verification reference.
Customers: booking history, vehicle information (if provided).
3.7 Service Vertical Data
Service providers: business name, bio, years of experience, service zone and radius, service categories offered, availability schedule, credit balance, ratings, completed jobs, total earnings.
Customers: service request history, service location addresses.
3.8 KYC and Identity Verification Data
For regulatory compliance, we collect identity verification documents through our KYC system, which may include:
- Government-issued ID (national ID, passport)
- Driver's license
- Proof of address
- Selfie/face photo for biometric matching
- Liveness check data
- Vehicle registration and insurance documents
- Business registration documents
- Professional licenses (food handling, trade licenses, etc.)
- Bank account verification
Document metadata includes: document number (may be hashed for security), issue and expiry dates, verification status, and review notes. KYC verification is processed through our third-party provider Sumsub (see Section 7).
3.9 Location and GPS Data
During active taxi rides, we collect continuous GPS data from drivers at approximately 5-second intervals (roughly 240 data points per 20-minute ride). Each data point includes:
- Latitude and longitude
- Heading (direction of travel)
- Speed (meters per second)
- GPS accuracy (meters)
- Timestamp
This location data is collected only during active orders and is scoped to both the specific tenant and order. We do not continuously track drivers when they are offline or between orders.
End Users' saved locations (home, work, favorites) include geographic coordinates and are retained until the user deletes them or their account is closed.
3.10 Payment and Financial Data
BetterSuite does not store full credit card numbers or bank account details. Payment processing is handled by Stripe, our payment service provider. We store:
- Payment method references (tokenized by Stripe)
- Wallet balances and transaction history
- Payout account references (via Stripe Connect)
- Invoice and billing records
3.11 Communication and Notification Data
- Notification delivery preferences (push, email, SMS) per notification category
- Chat messages exchanged within the platform (e.g., driver-passenger communication)
3.12 Usage and Analytics Data
- Platform usage metrics per tenant (monthly transactions, active locations, active verticals)
- Aggregated performance analytics (driver metrics, order volumes, revenue data)
- System logs for security and operational monitoring
4. How We Use Your Information
We process Personal Data for the following purposes, each mapped to a lawful basis under GDPR Article 6:
| Purpose | Lawful Basis |
|---|---|
| Providing and operating the Platform (processing orders, dispatching rides, managing shops and bookings) | Performance of contract — Art. 6(1)(b) |
| Account creation and authentication | Performance of contract — Art. 6(1)(b) |
| KYC and identity verification | Legal obligation — Art. 6(1)(c) (AML/KYB regulations) |
| Payment processing, invoicing, and subscription billing | Performance of contract — Art. 6(1)(b) |
| Real-time location tracking during active rides | Performance of contract — Art. 6(1)(b) (required for service delivery) |
| Driver and merchant performance analytics | Legitimate interest — Art. 6(1)(f) (platform quality and safety) |
| Security, fraud detection, and abuse prevention | Legitimate interest — Art. 6(1)(f) |
| Platform improvement and aggregated analytics | Legitimate interest — Art. 6(1)(f) |
| Marketing communications (where opted in) | Consent — Art. 6(1)(a) |
| Regulatory compliance (KYC document retention, tax records) | Legal obligation — Art. 6(1)(c) |
Where we rely on legitimate interest, we have conducted balancing tests to ensure our interests do not override your fundamental rights and freedoms.
5. Location Data
What We Collect
Real-time GPS tracking occurs only during active taxi orders. We collect driver location updates at approximately 5-second intervals, including latitude, longitude, heading, speed, and accuracy.
How Long We Keep It
Location trail data is retained for 6 months from the date of collection. After this period, it is automatically deleted. This retention period supports dispute resolution, service quality analysis, and regulatory inquiries.
Saved Locations
End Users may save locations (e.g., home, work) for convenience. These are retained until the user deletes them or their account is closed.
Your Control
- Drivers: location is only collected while the app is active and an order is in progress. GPS permissions can be managed through device settings.
- Passengers: pickup and drop-off locations are recorded as part of order history. Saved locations can be deleted at any time through the app.
6. Data Storage and Security
Infrastructure
All data is stored on infrastructure managed by BetterSuite. We use:
- PostgreSQL for relational data (accounts, orders, payments, KYC records)
- ClickHouse for time-series analytics and location trail data
- Redis for session caching and real-time operational state
Security Measures
- Encryption at rest: Sensitive fields are encrypted using AES-256-GCM
- Encryption in transit: All data transmitted between clients and servers is protected by TLS
- Password security: Passwords are hashed using bcrypt with appropriate cost factors
- Multi-tenant isolation: All data is scoped by tenant identifier with database-level constraints preventing cross-tenant data access
- Session security: JWT-based authentication with refresh token rotation and device tracking
- Access control: Role-based access control following the principle of least privilege
Backups
We perform regular encrypted backups to protect against data loss. Backup data is subject to the same security measures and retention policies as primary data.
7. Data Sharing and Subprocessors
We do not sell your Personal Data. We share data with the following categories of third-party service providers ("Subprocessors") strictly for the purposes of operating the Platform:
| Subprocessor | Purpose | Data Shared |
|---|---|---|
| Stripe | Payment processing, subscription billing, merchant/driver payouts (via Stripe Connect) | Tenant billing details, payment method tokens, payout account details |
| Sumsub | KYC and identity verification | Government IDs, selfies, biometric data, address documents, business registration documents |
| Google Maps | Geocoding, routing, place search, distance calculation (configurable per tenant) | Addresses, coordinates, route queries |
| Mapbox | Geocoding, routing, place search (configurable per tenant) | Addresses, coordinates, route queries |
| HERE Technologies | Geocoding, routing (configurable per tenant) | Addresses, coordinates |
| TomTom | Geocoding, routing (configurable per tenant) | Addresses, coordinates |
| Firebase (Google) | Push notifications | Device tokens, notification content |
| Email delivery providers | Transactional and notification emails (configurable per tenant) | Recipient email address, email content |
| SMS delivery providers | OTP verification and transactional SMS (configurable per tenant) | Recipient phone number, message content |
Map, email, and SMS providers are configurable per tenant. The specific provider used depends on each Tenant Operator's configuration.
Other Disclosures
We may also disclose Personal Data when:
- Required by law, regulation, or legal process (e.g., court order, subpoena)
- Necessary to protect the rights, safety, or property of BetterSuite, our users, or the public
- In connection with a merger, acquisition, or sale of assets (with prior notice to affected users)
8. Data Retention
We retain Personal Data for the following periods:
| Data Category | Retention Period | Rationale |
|---|---|---|
| KYC/identity documents | 7 years by default (configurable per tenant: 1, 3, 5, 7, or 10 years) | Anti-money laundering (AML) and regulatory compliance |
| Location trail data | 6 months from collection date | Dispute resolution, service quality, regulatory inquiries |
| Account data (customer, driver, merchant, service provider, parking provider, operator) | Deleted immediately upon account deletion request | GDPR right to erasure |
| Account data (tenant admin, partner admin) | 30-day delay after deletion request, then deleted | Administrative continuity and fraud prevention |
| Subscription and billing records | Duration of subscription plus retention required by applicable tax and accounting law | Legal and financial compliance |
| Session data | Until session expiry or explicit revocation | Security |
| Pending tenant registrations | Verification token expires after 48 hours (self-service) or 7 days (admin invite) | Security |
| Chat messages | Duration of account lifetime | Service delivery |
| Usage and billing meters | Per billing period, retained for invoice reconciliation | Financial record-keeping |
When a Tenant Operator cancels their subscription, End User data processed on behalf of that Tenant is retained for 30 days to allow for reactivation or data export, then securely deleted (except where longer retention is required by law, such as KYC documents).
9. Your Rights Under GDPR
If you are located in the European Economic Area (EEA), United Kingdom, or a jurisdiction with similar data protection laws, you have the following rights:
- Right of Access (Art. 15): Request a copy of all Personal Data we hold about you.
- Right to Rectification (Art. 16): Correct inaccurate or incomplete Personal Data via your account settings or by contacting us.
- Right to Erasure (Art. 17): Request deletion of your Personal Data, subject to our role-based deletion policy and legal retention obligations (e.g., KYC records required for AML compliance).
- Right to Restriction of Processing (Art. 18): Request that we limit the processing of your data in certain circumstances.
- Right to Data Portability (Art. 20): Request your Personal Data in a structured, commonly used, machine-readable format. Note: automated data export is not currently available; manual export will be provided upon request.
- Right to Object (Art. 21): Object to processing based on legitimate interests. We will cease processing unless we demonstrate compelling legitimate grounds.
- Right Regarding Automated Decision-Making (Art. 22): You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. Automated processes on our Platform (such as driver dispatch prioritization or KYC verification via Sumsub) include human oversight mechanisms.
- Right to Withdraw Consent: Where processing is based on your consent (e.g., marketing communications), you may withdraw consent at any time without affecting the lawfulness of prior processing.
How to Exercise Your Rights
- End Users: Please first contact your Tenant Operator (the data controller for your data). If the Tenant does not respond within 30 days, you may contact BetterSuite directly.
- Tenant Operators: Contact us directly at the address in Section 16.
You also have the right to lodge a complaint with your local data protection supervisory authority.
10. International Data Transfers
BetterSuite's infrastructure is hosted in data center regions that may differ from your location. When your Personal Data is transferred outside your jurisdiction, we ensure adequate protection through:
- Standard Contractual Clauses (SCCs) approved by the European Commission, where applicable
- Adequacy decisions where the destination country has been recognized as providing adequate data protection
- Subprocessor commitments: Our key subprocessors (Stripe, Sumsub, Google/Firebase) maintain their own data transfer mechanisms and certifications
We will provide information about specific transfer mechanisms upon request.
11. Data Processing Agreement
Tenant Operators who process End User Personal Data through the BetterSuite platform may request a Data Processing Agreement (DPA) that covers:
- BetterSuite's obligations as a data processor under GDPR Article 28
- Subprocessor management and notification of changes
- Data breach notification procedures (within 72 hours)
- Audit rights
- Data return and deletion upon contract termination
- Technical and organizational security measures
To request a DPA, contact us at the address in Section 16.
12. Children's Privacy
The BetterSuite platform and all associated applications are not directed to children under the age of 16 (or 13 in jurisdictions where COPPA applies). We do not knowingly collect Personal Data from children. If we become aware that we have collected Personal Data from a child without appropriate parental consent, we will take prompt steps to delete that information.
13. Cookies and Tracking Technologies
API and Backend
The BetterSuite API backend does not set tracking cookies. Authentication is handled via JWT tokens.
Mobile Applications
Mobile applications use Firebase Cloud Messaging tokens for push notification delivery and device identifiers for session management. No third-party advertising or tracking SDKs are included in BetterSuite-powered applications by default.
Web Dashboard (Admin Console)
The BetterSuite admin console uses session tokens (JWT) stored in the browser for authentication. No third-party tracking cookies are set by the admin console.
Tenant-Operated Applications
Tenant Operators may configure their own analytics or tracking tools within their applications. BetterSuite is not responsible for cookies or tracking implemented by Tenants beyond the Platform's default configuration.
14. Security Incident Notification
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms:
- We will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR Article 33.
- We will notify affected Tenant Operators (as data controllers) without undue delay so they can fulfill their own notification obligations to End Users.
- We will notify affected individuals directly when the breach is likely to result in a high risk to their rights and freedoms, as required by GDPR Article 34.
Notifications will include: the nature of the breach, categories of data affected, approximate number of individuals affected, likely consequences, and measures taken or proposed to mitigate the breach.
15. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.
- Material changes: We will provide at least 30 days' advance notice via email to Tenant Operators and by posting the updated policy with a revised "Last updated" date.
- Non-material changes: Updates will be posted on this page with an updated date.
Your continued use of the Platform after the effective date of changes constitutes acceptance of the updated policy. If you do not agree with any changes, you may terminate your account or subscription.
16. Contact Information
Legal Entity: Lume Agency
Email: [email protected]
Website: bettersuite.io
For privacy-specific inquiries, data subject requests, or to request a Data Processing Agreement, please use the email address above with the subject line "Privacy Request."