LimoFlow logo

Privacy Policy

Effective Date: May 1, 2026
Last updated: May 1, 2026

1. Introduction

This Privacy Policy explains how Clever Coders LLC ("we," "us," or "our"), the operator of the LimoFlow platform (the "Service"), collects, uses, discloses, and safeguards information in connection with the Service.

LimoFlow is a business-to-business (B2B) software-as-a-service platform provided to ground transportation companies ("Tenants," "Customers," or "limo companies"). Tenants use the Service to manage their reservations, fleets, drivers, customers, billing, and communications. LimoFlow does not directly provide transportation services to passengers, employ drivers, or own vehicles.

This Policy applies globally to our processing of personal information through the Service. While the majority of our Tenants are located in the United States, we have Tenants and end users in other jurisdictions, including the United Kingdom, the European Union (including France and Austria), Australia, Canada, and Mexico. Region-specific disclosures appear in Sections 12, 13, and 14.

This Policy should be read together with our Terms of Service, which govern your use of the Service.

2. Information We Collect

The information we collect, and our role with respect to that information, depends on who you are and how you interact with the Service. See Section 13 for more on our role as controller or processor.

2.1 Information from Tenant Users (limo company personnel)

When a Tenant signs up for the Service, or when individuals at a Tenant create accounts or use the Service on the Tenant's behalf, we collect:

  • Account and contact information (name, business name, email address, phone number, job title)
  • Authentication and security data (hashed passwords, multi-factor authentication tokens, login activity)
  • Billing and subscription information (billing contact, billing address; payment card details are processed and stored by our third-party billing provider, not by LimoFlow directly)
  • Communications with our support, sales, and operations teams
  • Configuration and content created by the Tenant within the Service

2.2 Passenger Information (processed on behalf of Tenants)

Tenants use the Service to manage bookings made by their own customers ("Passengers"). On Tenants' behalf, we process:

  • Passenger name, email, phone number, and billing/payment details
  • Reservation details, including pickup and drop-off locations, dates and times, flight information, special instructions, and party size
  • Booking history, ride packages, promo code usage, and corporate account associations
  • Messages and notifications sent or received in connection with a booking (email, SMS, in-app)
  • Reviews, ratings, and feedback submitted by Passengers

Tenants determine what Passenger information is collected and how it is used. LimoFlow processes this information solely to provide the Service to the Tenant.

2.3 Driver Information (processed on behalf of Tenants)

For drivers engaged by Tenants, we may process:

  • Name, contact information, and driver profile data entered by the Tenant
  • Authentication credentials for the driver mobile application
  • GPS / location data while a driver is actively on a trip or has the driver app set to share location
  • Trip assignments, status updates, and performance reviews

LimoFlow does not employ drivers, conduct background checks, or verify driver credentials. Tenants are solely responsible for these activities.

2.4 Information Collected Automatically

When you access the Service, we automatically collect:

  • Device and connection data (IP address, browser type, operating system, device identifiers)
  • Usage data (pages viewed, features used, timestamps, clickstream activity)
  • Approximate location derived from IP address
  • Cookies and similar tracking technologies (see Section 19)
  • Email engagement data, including open and click tracking via pixels and tracked links (see Section 16)

2.5 Information from Third Parties

We may receive information about you from third parties, including payment providers (transaction status), flight tracking providers, mapping and routing services, GNET (industry dispatch network, when a Tenant participates), authentication providers, and marketing or attribution partners.

3. How We Use Your Information

3.1 LimoFlow's Own Purposes (as a Controller)

For information about Tenant users and individuals who otherwise interact directly with us, we use personal information to:

  • Provide, operate, maintain, and secure the Service
  • Authenticate users and manage accounts and subscriptions
  • Bill and collect subscription fees and respond to billing inquiries
  • Provide customer support, training, and onboarding
  • Send transactional, administrative, and (where permitted) marketing communications about the Service
  • Detect, investigate, and prevent fraud, abuse, security incidents, and policy violations
  • Improve and develop the Service, including through analytics, benchmarking, and product research using aggregated and de-identified data (see Section 20)
  • Comply with legal obligations and enforce our Terms of Service

3.2 Processing on Behalf of Tenants (as a Processor)

For Passenger and driver information processed through the Service, we act as a processor on behalf of the Tenant. We use this information only to:

  • Provide the Service to the Tenant in accordance with the Terms of Service and any applicable data processing terms
  • Perform tasks instructed or configured by the Tenant (such as sending booking confirmations, dispatching trips, or generating receipts)
  • Maintain security and integrity of the platform
  • Comply with applicable law

We do not use Passenger or driver personal information for our own marketing purposes.

4. How We Share Your Information

We share personal information with the following categories of recipients:

  • Tenants. Passenger and driver information is made available to the Tenant who controls that data. Tenant user information may be shared with the Tenant organization (e.g., account administrators).
  • Sub-processors and service providers. Including hosting and infrastructure providers, payment facilitation providers (Stripe Connect, Fiserv), email and SMS delivery providers, AI service providers, mapping and flight tracking providers, analytics providers, and customer support tools. See Section 18.
  • GNET and farm-out partners. When a Tenant uses the GNET integration or otherwise farms out a trip to another operator, relevant booking and Passenger information is shared with the receiving operator at the Tenant's direction.
  • Legal and regulatory authorities. When required by law, subpoena, court order, or other legal process, or to protect the rights, property, or safety of LimoFlow, our Tenants, or others.
  • Corporate transactions. In connection with a merger, acquisition, financing, reorganization, or sale of assets, subject to confidentiality safeguards.
  • With your consent or at your direction.

We do not sell personal information. We do not "share" personal information for cross-context behavioral advertising as defined under California law.

5. Data Retention

We retain personal information for as long as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements.

  • Tenant account data: Retained for the duration of the subscription. Following termination or expiration, Tenants have 30 days to request export of their data, as set out in our Terms of Service. After this window, Tenant data is deleted or anonymized within a reasonable period (typically within 60 days), except as required to be retained by law or for legitimate business purposes such as fraud prevention, tax, or accounting records.
  • Passenger and driver data: Retained according to the Tenant's configuration and instructions. Tenants are responsible for setting appropriate retention periods for the personal data they control.
  • Backups and logs: May persist for a limited additional period in our routine backup and audit logs before being overwritten or purged.
  • Aggregated and de-identified data: May be retained indefinitely (see Section 20).

6. Your Data Protection Rights

Depending on your jurisdiction, you may have the following rights:

  • The right to access, update, or correct your personal information
  • The right to request deletion or erasure of your personal information
  • The right to object to or restrict certain processing
  • The right to data portability
  • The right to withdraw consent (where processing is based on consent)
  • The right not to be subject to discrimination for exercising your rights
  • The right to lodge a complaint with a supervisory authority

If you are a Passenger or driver, the Tenant (the limo company that booked your ride or engaged you as a driver) is the controller of your personal data. Please direct rights requests to that Tenant in the first instance. We will assist Tenants in responding to such requests as required by law.

If you are a Tenant user, or otherwise interact with us directly, you can exercise your rights by contacting privacy@limoflow.com. We will respond within the timeframes required by applicable law. We may need to verify your identity before fulfilling certain requests.

7. Data Security

We implement appropriate technical and organizational measures designed to protect personal information, including:

  • Encryption of data in transit (TLS) and at rest where appropriate
  • Role-based access controls (RBAC) and the principle of least privilege
  • Audit logging of administrative and support actions, including support staff impersonation events (see Section 23)
  • Multi-tenant architecture with logical data isolation between Tenants
  • Regular security reviews and patching of our infrastructure
  • Vendor due diligence for sub-processors handling personal data

No method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security. Tenants are responsible for safeguarding their own login credentials and access controls.

8. International Data Transfers

LimoFlow is operated from the United States, and our primary infrastructure providers are located in the United States. When you access or use the Service from outside the United States, your information will be transferred to, stored, and processed in the United States and other countries that may have data protection laws different from those of your country of residence.

Where personal data is transferred from the European Economic Area, the United Kingdom, or Switzerland to a country that has not received an adequacy decision, we rely on appropriate safeguards, including the European Commission's Standard Contractual Clauses (SCCs) and the UK's International Data Transfer Addendum (IDTA) or international data transfer agreement, as applicable. Tenants subject to these regimes may request a copy of the relevant transfer mechanisms by contacting privacy@limoflow.com.

9. Children's Privacy

The Service is not directed to, and we do not knowingly collect personal information from, children under the age of 16. If you become aware that a child has provided personal information through the Service, please contact us at privacy@limoflow.com and we will take appropriate steps to delete it.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. Material changes will be communicated to Tenants through the Service or by email. Continued use of the Service after the effective date of any update constitutes acceptance of the updated Policy.

11. Contact Us

If you have questions about this Privacy Policy or our privacy practices, you can reach us at:

Clever Coders LLC
8 The Green Street, STE A
Dover, DE 19901, United States
Email: privacy@limoflow.com
Phone: (866) 664-0697

If you are a Passenger or driver, please first contact the limo company (Tenant) that handled your booking or engagement. They are the controller of your personal data, and we will support them in responding to your request.

12. Specific Provisions for Different Regions

United States

For California residents, please see our separate CCPA Privacy Notice for disclosures and rights specific to California law (including the CCPA as amended by the CPRA). Residents of other US states with applicable privacy laws (including Virginia, Colorado, Connecticut, Utah, Texas, Oregon, and others) may have similar rights, including the right to access, correct, delete, and obtain a copy of their personal information, and to opt out of targeted advertising, sale, or certain profiling activities. To exercise these rights, contact privacy@limoflow.com.

Canada

We comply with applicable Canadian privacy laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA) and Quebec's Law 25. You have the right to access, correct, and withdraw consent (subject to legal or contractual restrictions) for the processing of your personal information. You may also lodge a complaint with the Office of the Privacy Commissioner of Canada or, where applicable, the Commission d'accès à l'information du Québec.

Mexico

We adhere to the Federal Law on Protection of Personal Data Held by Private Parties (LFPDPPP). You have ARCO rights — the right to Access, Rectify, Cancel, or Oppose the processing of your personal data — and may submit requests to privacy@limoflow.com.

European Economic Area (EU/EEA)

For users in the European Economic Area, we comply with the General Data Protection Regulation (GDPR). In addition to the rights described in Section 6, you have the right to lodge a complaint with the supervisory authority in your EU member state of residence (for example, the CNIL in France or the Datenschutzbehörde in Austria). For information about our legal bases for processing, see Section 14. For Tenants requiring a Data Processing Agreement, see Section 22. We may appoint an EU representative under Article 27 of the GDPR where required; current representative information is available upon request.

United Kingdom

For users in the United Kingdom, we comply with the UK GDPR and the Data Protection Act 2018. You have substantially the same rights as those described under the EU section above. You may lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk. International transfers are protected by the UK IDTA or international data transfer agreement, as applicable. We may appoint a UK representative under Article 27 of the UK GDPR where required; current representative information is available upon request.

Australia

For users in Australia, we handle personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). You have the right to access and correct your personal information and to make a complaint about our handling of personal information. Complaints may first be directed to privacy@limoflow.com; if unresolved, you may contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

13. Our Role: Controller and Processor

LimoFlow's role under data protection law depends on the type of data and the relationship involved:

  • LimoFlow is a controller with respect to information about Tenant users (limo company personnel and account administrators), prospective customers, website visitors, and individuals who interact directly with our sales, support, or marketing functions. For this data, we determine the purposes and means of processing.
  • LimoFlow is a processor with respect to Passenger and driver personal data that Tenants enter, upload, or generate within the Service. The Tenant is the controller of that data and determines what is collected, how it is used, and how long it is retained. LimoFlow processes such data only on the Tenant's documented instructions, in accordance with the Terms of Service and any applicable Data Processing Agreement.

If you are a Passenger or driver and have a request or complaint about your personal data, please contact the limo company you booked with or work with first. They are best positioned to address your request, and we will support them as required by law.

14. Legal Bases for Processing (GDPR / UK GDPR)

Where the GDPR or UK GDPR applies, we process personal data on one or more of the following legal bases:

  • Performance of a contract — to provide the Service to Tenants and to perform our obligations under the Terms of Service.
  • Legitimate interests — for example, to secure and improve the Service, to prevent fraud and abuse, to support and communicate with Tenants, and to conduct analytics on aggregated and de-identified data. We balance these interests against your rights and freedoms.
  • Consent — for certain processing such as optional cookies, marketing emails where required, or other activities where consent is the appropriate legal basis. You may withdraw consent at any time without affecting the lawfulness of processing prior to withdrawal.
  • Legal obligation — to comply with applicable laws, regulations, court orders, and lawful requests from public authorities.

When LimoFlow acts as a processor on behalf of a Tenant, the Tenant is responsible for establishing the legal basis for the processing it directs.

15. Artificial Intelligence Features

The Service includes AI-powered features, which may include a customer-facing chatbot deployed on Tenant booking pages, image generation, release notes summarization, AI-assisted policy and content editing, and other AI tools (collectively, "AI Features"). These features may rely on third-party AI providers.

  • Inputs to AI Features (such as prompts, messages, or content provided by users) and outputs may be processed by third-party AI providers under their own terms.
  • We take reasonable steps to select AI providers that offer commercially appropriate confidentiality and data protection terms, including, where available, contractual restrictions against using customer inputs to train their general-purpose models.
  • AI outputs may be inaccurate, incomplete, or misleading. As described in our Terms of Service, AI outputs do not constitute legal, financial, or professional advice.
  • Tenants are responsible for the content they provide to AI Features and for reviewing AI outputs before relying on them or sharing them with Passengers or others.

16. Communications and Tracking

The Service includes communications functionality used by Tenants to interact with their Passengers, drivers, and staff:

  • Email. We send transactional emails on behalf of Tenants, including booking confirmations, receipts, and driver review requests. Emails sent through the Service may include tracking pixels and tracked links to measure delivery, open rates, and click activity. We provide aggregated and per-message analytics to Tenants.
  • SMS. We facilitate SMS messaging to Passengers and drivers at the Tenant's direction.
  • In-app messaging. The Service supports messaging between operator users and, in some configurations, between operators and Passengers or drivers.

Tenants are solely responsible for obtaining and maintaining all required consents and for complying with applicable communications laws, including the TCPA, CAN-SPAM Act, CASL, the EU ePrivacy Directive, the UK Privacy and Electronic Communications Regulations (PECR), and the Australian Spam Act 2003. See Section 29 of our Terms of Service.

For LimoFlow's own marketing communications to Tenant users, you can unsubscribe at any time using the link in our marketing emails or by contacting privacy@limoflow.com.

17. Location Data

The Service processes location data in several ways:

  • Driver GPS data. When a driver uses the LimoFlow driver mobile app and is on an active trip (or has otherwise enabled location sharing), the app transmits GPS coordinates to the Service so the Tenant can dispatch, monitor, and complete trips. Tenants determine when and how location is collected from their drivers and are responsible for notifying drivers and obtaining any required consents.
  • Pickup and drop-off locations. Booking records include addresses and coordinates that Passengers or Tenants input.
  • Flight tracking. For airport pickups, we use third-party flight tracking services to retrieve real-time flight status. This may involve flight numbers and arrival information; it does not collect personal location data from Passengers' devices.
  • IP-based geolocation. We may infer approximate location from IP address for security, analytics, and fraud prevention.

18. Third-Party Integrations and Sub-processors

We engage third-party service providers ("sub-processors") to help deliver the Service. Categories include:

  • Cloud hosting and infrastructure
  • Payment facilitation, including Stripe Connect and Fiserv. LimoFlow is not a payment processor, merchant of record, or financial institution. Tenants are the merchants of record for their Passenger transactions; payment card data is collected and processed by the applicable third-party payment processor under its own terms and PCI DSS-compliant infrastructure.
  • Email delivery and SMS providers
  • AI service providers
  • Mapping, routing, and ETA providers
  • Flight tracking providers
  • GNET (industry dispatch and farm-out network), where Tenants choose to use it
  • Analytics, error monitoring, and customer support tools
  • Marketing attribution providers (e.g., Google Ads), where applicable

A current list of sub-processors handling Tenant Personal Data is available upon request to privacy@limoflow.com. Where a Data Processing Agreement is in place, we will provide at least 30 days' advance notice of new sub-processors handling Tenant Personal Data, and Tenants may object to the addition of a sub-processor on reasonable grounds related to data protection.

Third-party services accessed through the Service are subject to their own privacy policies and terms. We are not responsible for the privacy practices of these third parties.

19. Cookies and Tracking Technologies

We and our service providers use cookies and similar tracking technologies (such as web beacons, pixels, local storage, and SDKs) to operate the Service, remember your preferences, analyze usage, and support marketing.

Categories of cookies we use include:

  • Strictly necessary — required for authentication, security, and core functionality.
  • Functional — to remember preferences and settings.
  • Analytics — to understand how the Service is used and improve it.
  • Marketing — on our public marketing pages, to measure campaign performance and deliver relevant content. We do not use marketing cookies on Tenant booking pages without the Tenant's direction.

You can control cookies through your browser settings. We honor recognized opt-out signals such as the Global Privacy Control (GPC) where required by law.

Tenants are responsible for the cookies and tracking technologies deployed on their own websites and booking pages, including obtaining any required consent under the EU ePrivacy Directive, UK PECR, or other applicable laws.

20. Aggregated and De-identified Data

We may create aggregated, anonymized, or de-identified data from personal information processed through the Service and use such data for any lawful business purpose, including analytics, benchmarking, product development, marketing, and industry research. Such data does not identify any individual or specific Tenant and is not treated as personal information under this Policy. This is consistent with Section 27 of our Terms of Service.

21. Data Breach Notification

In the event of a personal data breach affecting Tenant Personal Data, we will notify the affected Tenant without undue delay, and where feasible within 72 hours of becoming aware of the breach. Our notification will provide information reasonably necessary for the Tenant to comply with its own breach notification obligations to data subjects and regulators.

Tenants, as controllers of Passenger and driver personal data, are responsible for notifying their data subjects and supervisory authorities as required by applicable law. LimoFlow will provide reasonable cooperation and assistance.

22. Data Processing Agreement (DPA)

Tenants subject to the GDPR, UK GDPR, or other laws requiring a written processor agreement may request a Data Processing Agreement by contacting privacy@limoflow.com. Our DPA includes the contractual terms required by Article 28 of the GDPR/UK GDPR, including provisions on the subject matter, duration, nature, and purpose of processing; the categories of personal data and data subjects; security measures; sub-processors; international data transfers; and assistance with data subject rights and breach notification.

23. Support Access and Audit Logging

To provide customer support and troubleshoot issues, authorized LimoFlow support staff may access Tenant accounts, including by impersonating a Tenant user ("support impersonation"). All such access is:

  • Limited to personnel with a legitimate need;
  • Subject to confidentiality obligations and our internal access policies; and
  • Logged in an audit trail capturing the support user, the action taken, and the time of access.

Audit logs are available to assist with security investigations and to help Tenants respond to data subject requests where appropriate.

Version: 2026-05-01