DapperDriver, Inc. ("DapperDriver", "we", "us", "our") operates the DapperDriver mobile application and the website at dapperdriver.com (together, the "Service"). This Privacy Policy explains what personal information we collect from shoppers, boutique partners, and DapperDriver couriers, how we use it, who we share it with, and the choices you have. By using the Service, you agree to this Policy.
If you do not agree with any part of this Policy, please do not use the Service.
We collect only what we need to deliver boutique fashion to your door, run our business, and keep your account secure. The information we collect falls into the following categories:
Payments are processed by Stripe, Inc. When you add a card, that information is sent directly from your device to Stripe — we never see or store your full card number, CVV, or expiration date. Stripe returns to us a token that we store to charge your authorized card for orders. Stripe is PCI DSS Level 1 compliant. See Stripe's Privacy Policy for how they handle your data.
The DapperDriver app may request access to your device's precise location for two narrow purposes: (1) to confirm your delivery address at checkout, and (2) so a DapperDriver can locate your door during an active delivery. We do not collect or share your background location at any other time. You can revoke location permission at any time in your device settings; the app remains usable, but you may need to enter delivery addresses manually.
If you contact aidaly@dapperdriver.com or use any in-app support feature, we keep a record of the conversation so we can help you and improve our service.
What we do not do: we do not sell your personal information to anyone, ever. We do not share your data with advertisers or third-party data brokers. We do not use your data to build profiles for targeted advertising on other platforms.
We share information only with people and services that help us run DapperDriver. We require each of them to handle your data securely and use it only for the purpose we engage them for.
| Provider | What they receive | Why |
|---|---|---|
| Stripe, Inc. | Payment information (card token), name, billing address, order amount | To process payments and pay out boutiques and drivers |
| Supabase, Inc. | Account and order data (encrypted at rest) | Database and authentication infrastructure |
| Twilio, Inc. | Phone number, order status | To send SMS order updates |
| Google Firebase | Push notification token, anonymized crash reports | To send push notifications and improve app stability |
| Railway Corp. | Server-side data in transit and at rest | Application hosting |
The boutique fulfilling your order receives your name, the items you ordered, and the delivery address. They do not receive your payment information or any data unrelated to your order.
The DapperDriver assigned to your delivery receives your name, phone number, the items being delivered (number of bags, fragility), the pickup boutique address, and your delivery address. After the delivery is complete, the driver no longer has access to that information in our system.
We may disclose information if required by law, valid legal process, or to protect the rights, safety, or property of DapperDriver, our users, or others. We will notify you when we can.
If DapperDriver is acquired or merges with another company, your information may be transferred as part of that transaction. We will notify you in advance of any such transfer.
Regardless of where you live, you can:
To exercise any of these rights, write to aidaly@dapperdriver.com. We will respond within thirty (30) days.
You can delete your DapperDriver account at any time:
When you delete your account, we remove your personal information from our active systems within 30 days. Order records may be retained in anonymized or aggregated form to comply with the legal retention periods listed in Section 5.
If you are a resident of California, you have additional rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act:
To exercise these rights, contact aidaly@dapperdriver.com. We may need to verify your identity before responding.
If you are in the European Economic Area, the United Kingdom, or Switzerland, the General Data Protection Regulation gives you the following rights:
The legal bases on which we process your data:
Our data controller is DapperDriver, Inc. To exercise GDPR rights, write to aidaly@dapperdriver.com.
DapperDriver is not directed to children under 13. We do not knowingly collect personal information from anyone under 13. If you believe a child has provided us with personal information, please contact aidaly@dapperdriver.com and we will delete it promptly.
You must be 18 or older to place orders. If you are between 13 and 17, you may use the Service only with the involvement and consent of a parent or guardian.
We protect your information using industry-standard practices: TLS encryption for all data in transit, encryption at rest in our databases, hashed passwords, scoped access for our team, and routine security review of our infrastructure providers. No method of transmission or storage is perfectly secure, and we cannot guarantee absolute security; we work to minimize risk and respond promptly to any incident.
If we discover a security incident that materially affects your personal information, we will notify you and the appropriate regulators as required by law.
DapperDriver is based in the United States, and our service providers are primarily based in the United States. If you use the Service from outside the United States, your information will be transferred to and processed in the U.S. For transfers from the European Economic Area, the United Kingdom, or Switzerland, we rely on the European Commission's Standard Contractual Clauses (or equivalent UK transfer mechanisms) with our service providers.
The DapperDriver app may send push notifications about your orders (transactional) and, if you opt in, about new boutiques and weekly letters (marketing). You can disable push notifications at any time in your device's system settings. Disabling them does not affect the rest of the Service.
Our website uses only essential cookies necessary for site functions like the waitlist form. We do not use third-party advertising cookies or cross-site tracking pixels. We may use privacy-respecting, server-side analytics (such as Plausible) that do not place identifying cookies in your browser.
We may update this Privacy Policy as our practices, our service providers, or applicable law change. When we make material changes, we will post the updated Policy here, change the "Effective" date at the top, and notify you in the app or by email at least 30 days before the change takes effect. Your continued use of the Service after the effective date means you accept the updated Policy.
For privacy questions, requests, or complaints, email aidaly@dapperdriver.com. We aim to respond to every privacy inquiry within five (5) business days, and to resolve formal requests within thirty (30) days.