May cohort full · June 2026 applications open June cohort · Apply now
Legal

Privacy Policy

Last updated: April 26, 2026

FleetPilot ("we," "us," or "our") operates the FleetPilot platform, including the website at getfleetpilot.com, the application at go.getfleetpilot.com, and all related services (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By accessing or using the Service, you agree to this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

1. Information We Collect

Information You Provide

We collect information that you voluntarily provide when you register for an account, use our Service, or contact us, including:

  • Name and email address (provided through your identity provider at sign-in, e.g., Google)
  • Fleet and vehicle information (vehicle details, ownership assignments, booking data, and earnings)
  • Financial records such as receipts, expense data, bank transaction files, and revenue reports
  • Bank account information connected via Plaid (transaction history, account names, and balances as authorized by you)
  • Owner contact information (names and email addresses of vehicle owners you manage)
  • Tax-related data including 1099-K records and Schedule C information
  • Receipt images and text submitted via SMS (phone number and message content when using our SMS receipt capture feature)
  • Communications you send to us, including support requests and feedback

Information Collected Automatically

When you access the Service, we automatically collect certain technical information, including:

  • Device information (browser type, operating system, device identifiers)
  • Log data (IP address, access times, pages viewed, referring URL)
  • Usage data (features used, actions taken within the Service)
  • Session tokens stored in secure, HttpOnly cookies for authentication
  • Cookies and similar tracking technologies (see Section 8)

Information from Third-Party Services

If you upload or connect data from third-party platforms to FleetPilot — such as Turo CSV exports, bank transaction files, QuickBooks records, or 1099-K documents — we receive and process that information on your behalf. We use it solely to provide the features you request and do not access or process it for any other purpose.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • To authenticate your identity and create and manage your account
  • To provide, operate, maintain, and improve the Service
  • To process and store fleet data, generate owner statements, and produce financial reports
  • To categorize expenses, match transactions, and prepare tax-ready summaries
  • To deliver owner statements and notifications via email on your behalf
  • To sync data with third-party services you have authorized (e.g., QuickBooks)
  • To process AI-powered features when you enable them (see Section 5)
  • To detect, prevent, and address technical issues, errors, and security threats
  • To communicate with you about account updates, service changes, and support
  • To comply with applicable legal obligations

3. Data Isolation — Your Data Stays Yours

Your fleet data, financial records, vehicle information, owner details, and all related content are strictly isolated to your individual account. FleetPilot enforces workspace isolation at the application layer — every database query is filtered by your workspace ID — so that no other user can access, view, or query your data through the Service under any circumstances. We do not aggregate or cross-reference individual user data across accounts, and we do not make any user's data accessible to other users of the platform.

4. How We Share Your Information

We do not sell your personal information. We may share your information only in the following limited circumstances:

  • Service Providers (Sub-Processors): We share data with trusted third-party vendors who process it on our behalf as necessary to deliver the Service. These providers are contractually required to protect your data and may not use it for their own purposes. See Section 5 for a full list.
  • Third-Party Integrations You Authorize: When you connect integrations such as QuickBooks or import data from platforms like Turo, we share relevant data with those services only as authorized by you and only to enable the features you have requested.
  • Legal Requirements: We may disclose information if required by law, regulation, legal process, court order, or governmental authority, or if we believe disclosure is necessary to protect the safety or rights of FleetPilot, our users, or the public.
  • Business Transfers: In the event of a merger, acquisition, financing, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have.
  • With Your Explicit Consent: We may share information with third parties when you have given us your explicit consent to do so.

We do not share your data with other FleetPilot users, advertisers, or data brokers.

5. Third-Party Sub-Processors

The following third-party service providers process data on our behalf as part of delivering the Service. We have agreements in place with each provider requiring them to handle your data securely and only as directed by us.

  • Clerk, Inc.: User authentication and session management. Clerk processes your name, email address, and identity provider credentials (e.g., Google OAuth token) to authenticate you and maintain your session. FleetPilot does not store your passwords. See Clerk's Privacy Policy.
  • Neon, Inc.: Managed PostgreSQL database hosting. Stores all fleet data, financial records, account information, and application state. Data is encrypted at rest and in transit.
  • Stripe, Inc.: Subscription billing and payment processing. Stripe receives your payment card information directly — FleetPilot never stores, transmits, or has access to your full card number. Stripe is PCI-DSS Level 1 certified. See Stripe's Privacy Policy.
  • Plaid, Inc.: Bank account connectivity and transaction syncing. When you connect a bank account, Plaid accesses your financial institution on your behalf and provides FleetPilot with transaction data, account names, and balances as you authorize. Plaid does not share your bank credentials with FleetPilot. See Plaid's End-User Privacy Policy.
  • Intuit, Inc. (QuickBooks): Accounting integration. When you connect QuickBooks, FleetPilot exchanges financial data (expenses, revenue, categories) with your QuickBooks account as authorized by you. See Intuit's Privacy Statement.
  • Resend: Transactional email delivery. Used to send owner statements, workspace invitations, W-9 requests, and account notifications. Your name, email address, and message content are transmitted to Resend solely to deliver your emails.
  • Twilio, Inc.: SMS-based receipt capture. When you submit receipts by text message, Twilio processes your inbound SMS (phone number and message content) and forwards it to FleetPilot for parsing. See Twilio's Privacy Policy.
  • Anthropic, Inc. (Claude API): AI-powered receipt OCR, expense categorization, transaction matching, and financial insights generation. When these features are active, relevant data (transaction descriptions, receipt content, account summaries) is transmitted to Anthropic's API for processing. For expense categorization and OCR, only transaction metadata (amounts, merchant names, and vehicle VIN) is sent — no owner contact details. The AI fleet chat feature may include workspace context such as owner names to generate relevant responses; this data is processed transiently and not retained by Anthropic beyond each API request. You may disable AI-powered features at any time.
  • Vercel, Inc.: Application hosting for go.getfleetpilot.com and the marketing website at getfleetpilot.com. Vercel Blob is used to store uploaded files including receipt images, vehicle documents, exported statements, and tax documents. See Vercel's Privacy Policy.
  • Background Processing Infrastructure: We use third-party queuing and background job infrastructure to handle asynchronous tasks such as receipt OCR, bank transaction syncing, and document processing. These services process job payloads transiently and do not retain your data beyond task execution.
  • Google Analytics: Website analytics to understand how visitors use getfleetpilot.com. Data is collected in aggregate and subject to Google's privacy policy. You can opt out via browser settings or a browser extension.
  • Sentry (Functional Software, Inc.): Application error monitoring. Sentry captures anonymized error and performance data to help us diagnose issues. Sensitive credentials — such as banking access tokens — are explicitly redacted before events are transmitted to Sentry. We rely on Sentry's standard data minimization practices for other fields.

6. Data Security

We implement commercially reasonable technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction. Key measures include:

  • Application-layer workspace isolation enforcing per-user data isolation at every database query
  • Session tokens stored in HttpOnly, Secure, SameSite cookies to prevent cross-site scripting attacks
  • Encrypted data transmission via TLS/HTTPS for all Service endpoints
  • Database encryption at rest provided by our infrastructure provider
  • Application error monitoring with sensitive credentials (e.g., banking tokens) explicitly redacted from error reports

No method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security. If you believe your account has been compromised, please contact us immediately at hello@getfleetpilot.com.

For a full overview of our security practices, please visit our Security & Privacy page.

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. When you delete your account, we will delete or anonymize your data within a reasonable period, except where we are required to retain it for legal, tax, or compliance purposes, or to resolve disputes.

Financial records and transaction data that you have submitted may be retained for up to seven (7) years in compliance with U.S. tax record-keeping requirements, unless you request deletion and no legal obligation requires retention.

8. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request correction of inaccurate or incomplete information.
  • Deletion: Request deletion of your personal information, subject to legal retention requirements.
  • Portability: Request a copy of your data in a structured, commonly used format.
  • Opt-Out of AI Features: Disable AI-powered processing features in your account settings at any time.
  • Opt-Out of Marketing: Unsubscribe from marketing communications at any time by clicking the "unsubscribe" link in our emails or contacting us directly.

To exercise any of these rights, please contact us at hello@getfleetpilot.com. We will respond to your request within a reasonable timeframe consistent with applicable law.

9. Cookies and Tracking Technologies

We use the following types of cookies and similar technologies:

  • Authentication cookies: HttpOnly, Secure session tokens required for you to remain signed in. These are essential to the Service and cannot be disabled.
  • Analytics cookies: Google Analytics cookies to understand aggregate usage patterns on our marketing website. You can opt out via your browser settings or a browser extension.
  • Performance cookies: Vercel analytics to measure website performance. These do not track individual users across sites.

You can control non-essential cookie preferences through your browser settings. Disabling essential authentication cookies will prevent you from accessing your account.

10. Authentication and Clerk

FleetPilot uses Clerk, Inc. to manage user authentication and sessions. Clerk supports sign-in via Google (OAuth 2.0) and other identity providers. When you sign in, Clerk receives credentials from your identity provider and returns your name and email address to FleetPilot to create and maintain your account. FleetPilot does not store your passwords or raw OAuth tokens. Your session is maintained using secure, short-lived tokens managed by Clerk's session infrastructure. Securing your identity provider account (e.g., your Google account) is your responsibility, as it is the key to accessing FleetPilot.

11. Third-Party Links

The Service may contain links to third-party websites or services that are not owned or controlled by FleetPilot. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access through our platform.

12. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have inadvertently collected personal information from a minor, we will take prompt steps to delete such information. If you believe we have collected information from a minor, please contact us at hello@getfleetpilot.com.

13. California Privacy Rights (CCPA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

  • The right to know what personal information we collect, use, disclose, and sell
  • The right to request deletion of your personal information
  • The right to opt out of the sale of personal information (we do not sell personal information)
  • The right to non-discrimination for exercising your privacy rights

To exercise these rights, please contact us at hello@getfleetpilot.com. We will not discriminate against you for exercising any of your CCPA rights.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on this page and updating the "Last updated" date, and, where practicable, by sending an email notification to the address associated with your account. Your continued use of the Service after any changes constitutes your acceptance of the revised Privacy Policy. If you do not agree to the revised policy, you must stop using the Service.

15. Contact Us

If you have any questions about this Privacy Policy, our data practices, or to exercise any of your privacy rights, please contact us at:

FleetPilot
6302 Bon Terra Drive
Austin, TX 78731
Email: hello@getfleetpilot.com
Website: getfleetpilot.com