Dispatch Stream

Dispatch Stream - Privacy Policy Multi-Tenant SaaS

Effective: April 22, 2026 | Version: 1.6.6

See also: Terms of Service | Cookie Policy | Licenses & Notices | Security | Legal Home

Plain-English summary: Dispatch Stream is a business platform. We collect account and operational data to run the service, security data to protect it, and usage data to improve it. Some optional features, including Bisoka Copilot and document-processing workflows, may send limited business data, captured posting details, tracked email thread excerpts, or selected uploaded documents to service providers that help us generate drafts, extract fields, or classify results. We do not sell personal information. Companies control their data and who can access it.

1) Scope

This Privacy Policy explains how Dispatch Stream, LLC ("Dispatch Stream", "we", "us", "our"), an Illinois limited liability company, collects, uses, and shares information in connection with our websites, applications, connected services, and related features (the "Service").

If you use Dispatch Stream through your employer or another organization, that organization is the "Customer" and controls how Customer Data is processed. We act as a service provider/processor for Customer Data.

This Privacy Policy is incorporated into the Terms of Service. If there is a conflict, the Terms of Service control.

2) Information We Collect

2.1 Account and profile information

Name, email address, phone number, job role, and account sign-in details.
Company details such as company name, DOT/MC numbers, billing address, and company settings.
User management data such as role assignments, invitation status, and access controls.
Security enrollment details such as passkey credential metadata, text-message recovery enrollment status, and sign-in or activation state.
Notification preferences, alert channels, and delivery settings.

2.2 Operational data (Customer Data)

Loads, dispatch records, route and stop schedules, mileage calculations, driver and vehicle details, maintenance, invoices, and uploaded documents.
Driver portal submissions such as proof of delivery, photos, notes, and other paperwork uploaded by drivers.
Company or equipment documents you choose to make available to drivers through the Driver Portal.
Repair shop and vendor contacts, work orders, and preventive maintenance schedules when you use those features.
Broker, shipper, consignee, and carrier contacts; load tenders; rate confirmations; and customer payment terms.
Driver recruiting, onboarding, and safety records (for example, license/endorsement data, employment history, compliance records, incident or accident reports, emergency contacts, and availability or time-off requests) when you use those features.
Accounting and pay records (for example, invoices, statements, deductions, payee records, pay setup records, and tax identifiers like EINs) when you use those features.
Invoice/statement delivery details and payment instructions you provide (for example, recipient emails, remittance addresses, factoring contacts, and remit notes).
Reports, analytics, and summaries generated from your data (for example, performance dashboards or year-end review summaries).
Document reading/extraction results (for example, parsed fields) when you enable auto-fill or document processing.
Support requests, help tickets, and attachments you submit (for example, screenshots or documents).
Import/export files (for example, CSV uploads/downloads) and processing logs.
Telematics or safety data from connected providers, if you authorize integrations.
Accounting exports, billing status, and integration settings when you connect payment or accounting services.
External load lead captures, posting comments or notes, load-board screenshots or visible page text, draft rankings, working offer values, and session automation settings when you use Load Leads or Bisoka Copilot.
Integration sign-in details and connection metadata (for example, provider connection grants, connection keys, incoming link secrets, access scope, and connection status) used to operate connected services.
Connected mailbox content and email workflow data such as tracked conversation threads, selected messages, recipient routing, draft content, delivery status, and rate-confirmation or related document uploads when you enable Email Hub or Bisoka features.
Messages or communications sent through the Service.
Broker contact subscription status, truck availability delivery addresses, opt-out records, and spot-load intake submissions when you use truck availability emails, broker outreach, or broker intake links.

Support submissions are optional. Please avoid sending sensitive personal information (for example, payment card numbers or government IDs) in support tickets, messages, or attachments unless we explicitly request it. You control the content you submit.

If you connect a mailbox, the provider permissions you approve may technically allow access broader than a single message. Dispatch Stream workflows are designed to process only the messages, tracked threads, metadata, selected uploads, and drafts needed to provide the enabled email or Copilot feature.

2.3 Usage, device, and security information

IP address, browser type, device identifiers, time zone, and authentication events.
Audit logs and security signals (for example, failed logins, session activity, and access attempts).
Security settings and account administration actions (for example, passkey enrollment metadata, text-message recovery status, session timeouts, or password resets).
Notification delivery metadata (for example, delivery status, timestamps, and channel used).
Diagnostic logs and error reports used to investigate issues and fulfill support requests.

When you use a passkey, Dispatch Stream may receive limited public-key credential metadata and authentication events needed to verify sign-in. Dispatch Stream does not receive your raw fingerprint, face scan, device PIN, or other local biometric secret.

2.4 Location and telemetry

Location data for vehicles, drivers, or assets when enabled by integrations or devices.
Diagnostic or status data from connected telematics systems.

2.5 Third-party and public sources

Regulatory or verification data from public sources (for example, FMCSA carrier records).
Integration data from services you connect (for example, Motive, Samsara, Anytrek, Intuit QuickBooks, RingCentral, or mapping providers).

2.6 Sensitive information

Certain safety, recruiting, or compliance features may require or allow sensitive information such as Social Security numbers, dates of birth, government IDs, medical certifications, drug test results, background checks, or emergency contact details. If you choose to provide or store sensitive information, you represent that you have a lawful basis and have provided required notices and obtained any necessary consents. You are responsible for complying with applicable employment, privacy, and recordkeeping laws.

2.7 Recruiting upload links and applicant submissions

When a Customer uses recruiting features that create an applicant upload link, we collect and process the information submitted through that link on the Customer's behalf. This may include:

Applicant contact details (for example, name, email, phone) and application identifiers.
Documents and files uploaded by the applicant (for example, CDL, medical card, certifications, or other onboarding documents).
Consent confirmations and upload metadata (for example, timestamps, device/browser information, and link usage logs).

These applicant submissions are processed for the Customer that generated the link and are not shared with other Customers. Applicants should review the Customer's privacy notices for how the Customer uses and retains applicant data.

2.8 Document request links and attestations

When a Customer sends document request links for non-recruiting workflows (for example, driver, equipment, or accident documents), we process submissions on that Customer's behalf. This may include:

Files and form data submitted through the link.
Confirmation inputs (for example, typed full name and confirmation checkbox) when required by the flow.
Submission metadata (for example, timestamps, link usage events, and device/browser context).

These submissions are visible only to the Customer that generated the link and are retained according to that Customer's settings and applicable law.

3) How We Use Information

Provide the Service: account setup, access control, billing, support, and feature delivery.
Support & troubleshooting: respond to requests, analyze logs, and resolve technical issues.
Integrations: connect, update, and process data from connected services, including incoming service calls or push feeds.
Security: fraud prevention, abuse detection, and incident response.
Notifications: send compliance alerts, OTP codes, service announcements, and account updates, including system-sent email notifications based on your preferences and server-managed resend controls.
Broker outreach, truck availability emails, and spot-load intake: deliver Customer-directed truck availability emails, accept broker-submitted spot loads through public intake links, maintain suppression status, and honor unsubscribe requests.
AI-assisted features: generate supervised drafts, summarize captured load details and tracked dispatch conversations, rank or classify pursuits, extract structured fields from documents, and flag mismatches or operational notes for review.
Product improvement: reliability, performance, and feature planning.
Communications: service notices, security alerts, and requested support.
Recruiting and onboarding: process applicant submissions, store recruiting documents, and support workflows requested by the Customer.
Driver portal: deliver driver access, display assigned loads, and handle driver-submitted paperwork.

We may generate de-identified or aggregated data for analytics and benchmarking. This data does not identify you or your users and may be used to improve the Service.

Service providers: hosting (for example, Google Cloud/Firebase), payment processing (Stripe), document processing/OCR (Google Document AI), AI/language-model providers, email delivery, and support tooling.
Communications providers: email and messaging vendors used to deliver notices, OTPs, or compliance alerts, including system-sent notification emails.
Integrations: only when you connect a third-party service and authorize access (for example, Motive, Samsara, Anytrek, Intuit QuickBooks, RingCentral). We share the minimum data necessary to perform the requested update or action.
AI and document-processing workflows: limited excerpts of captured postings, tracked dispatch threads, selected uploaded documents, and related structured fields may be shared with providers that help us generate drafts, extract fields, classify replies, or flag mismatches when you enable those features.
Customer-directed upload-link submissions: recruiting and document-link uploads are shared with and visible to the Customer that generated the link, and not to other Customers.
Public data and mapping: limited identifiers sent to providers such as FMCSA or Google Maps to validate company data or resolve addresses.
Legal: to comply with law, enforce agreements, or protect rights and safety.
Business transfers: in connection with a merger, acquisition, or sale of assets.

We do not sell personal information. If we plan to share data in a way that requires consent, we will obtain it.

5) Cookies and Tracking

We use cookies and similar technologies for authentication, security, and service performance. Some analytics may be used to understand usage and improve the Service. See our Cookie Policy for details.

Most browsers allow you to control cookies. Blocking essential cookies may prevent the Service from working correctly.

6) Retention

We retain information as long as needed to provide the Service, meet legal obligations, resolve disputes, and enforce agreements. Retention periods vary by data type, account status, and legal requirements.

Unless a different period is required by law or stated in a written enterprise agreement, these general retention practices apply:

Active workspace operational data: retained while the Customer account is active and the data is needed to provide the Service.
Canceled or downgraded workspaces: data may remain available for a post-termination period and may then be deleted or de-identified from active systems based on account status, Customer instructions, product settings, operational needs, and legal requirements.
Workspace-level deletion notices: if we schedule deletion from active systems, we may notify owner/admin or billing contacts when practicable.
Billing, tax, security, and legal records: retained as needed for accounting, fraud prevention, dispute resolution, security response, compliance, and legal hold.
AI, draft, and automation audit records: retained as needed to operate Copilot features, investigate disputes, measure usage, support billing, and maintain abuse-prevention and security controls.
Pay, recruiting, and document-link records: retained according to Customer instructions, product settings, and applicable law when those features are used.
Backups: retained for limited disaster-recovery windows and then overwritten in the normal backup cycle.

Truck posting records may be retained or deleted based on posting type, activity, operational need, and legal requirements. System-created automatic truck postings may be removed sooner than manual postings or postings with offer activity.

Recruiting and applicant documents are retained based on the Customer's instructions and applicable laws, and may be deleted or de-identified when no longer needed for recruiting, compliance, or legal purposes. Driver-submitted paperwork and shared equipment/company documents are retained based on the Customer's instructions and operational requirements. Certain driver-uploaded submissions (for example, pending or unapproved paperwork) may be automatically removed after a configured retention period unless the Customer changes those settings.

We may preserve data longer if required by law, subpoena, court order, investigation, or legal hold. If you request deletion, we will process valid requests subject to legal exceptions, backup cycles, and fraud/security safeguards.

7) Security

We use reasonable administrative, technical, and physical safeguards to protect information. No system is completely secure. See Security for an overview of controls.

8) Your Rights & Choices

8.1 Account and marketing

Update your account information from your profile or by contacting support.
Opt out of marketing or truck availability email communications using the unsubscribe instructions or links in emails.

8.2 U.S. state privacy rights

Depending on where you live, you may have rights to request access, correction, deletion, or portability of personal information, and to appeal certain privacy decisions. Where required by law, we will honor valid requests. We may verify identity and authority before processing requests.

8.3 California privacy rights

California residents may request access, deletion, or correction of personal information and may opt out of the sale or sharing of personal information, subject to applicable legal exceptions. We do not sell personal information. Requests can be submitted using the contact details below.

8.4 EU/UK privacy rights

EU/UK residents may have rights to access, correct, delete, restrict processing, object, and data portability. We will honor valid requests where required by law.

8.5 Nevada residents

Nevada residents may opt out of the sale of personal information. We do not sell personal information.

8.6 Applicants and recruiting data

If you are an applicant submitting information to a Customer through a recruiting upload link, that Customer controls your data. Requests to access, correct, or delete applicant information should be directed to the Customer that invited you.

9) International Transfers

Dispatch Stream is headquartered in the United States. We may process information in the U.S. or other countries where we or our service providers operate. Where required, we use contractual safeguards for international transfers.

10) Children

The Service is not intended for children under 16. We do not knowingly collect personal information from children.

11) Changes

We may update this Privacy Policy. We will provide notice of material changes and update the effective date above. For material updates that require consent under applicable law, we will request additional in-product acceptance.

Contact

Dispatch Stream, LLC
Attn: Privacy
256 Central Ave
# 72242
Roselle, IL 60172
Email: privacy@dispatchstream.com