Privacy Policy
1. Controller
Data controller for the Diflo platform is Chillzone Kft., registered at Zichy Jenő utca 30., 1066 Budapest, Hungary. Contact for any privacy matter: info@diflo.eu. Where you (the Customer company) use Diflo to process personal data of your drivers, dispatchers, or passengers, you are the controller of that data and Diflo acts as processor on your behalf, governed by the Data Processing Agreement at /legal/dpa.
2. What we collect
2.1 Account and billing
- Company name, address, VAT number, contact email, phone.
- User accounts: name, email, hashed password, role flags, language preference.
- Payment-method metadata (last four digits, expiry, card brand); full card data is held by Stripe, never by Diflo.
- Invoices, payment history, subscription state.
2.2 Operational
- Jobs, vehicles, drivers, schedules, settlement records.
- Audit log of user actions on the account, retained per the tier limits in the Terms.
- Device tokens for push notifications.
2.3 Driver location and mobile telemetry
The Diflo mobile driver application collects background location while a driver has an active assignment, to compute live ETAs and show fleet position to dispatchers. Drivers are informed at install and grant permission through the standard platform permission prompt; revoking permission disables live tracking but does not block other app functions. Location samples are stored at coarse resolution and pruned in line with section 6.
2.4 Passenger PII (Guest data)
Job records may contain passenger names, phone numbers, and email addresses entered by dispatchers or imported from Booking.com. This data is masked from subcontracting partners on the marketplace until a subcontract is accepted; even then, only operational fields needed to perform the job are shown.
2.5 Technical
We process server logs, IP addresses, browser/device metadata, cookies, rate-limit keys, crash reports, and security audit events. Cookies are described at /legal/cookies.
3. Legal bases and purposes
| Purpose | Legal basis (GDPR Art. 6) |
|---|---|
| Provide the Service to the Customer | Contract performance - 6(1)(b) |
| Bill, invoice, prevent payment fraud | Contract / legal obligation - 6(1)(b), (c) |
| Security, abuse prevention, audit logging | Legitimate interest - 6(1)(f) |
| Driver location for live ETAs | Contract performance - 6(1)(b), with consent at the OS prompt |
| Tax records, statutory retention | Legal obligation - 6(1)(c) |
| Product improvement (aggregated) | Legitimate interest - 6(1)(f) |
4. Data isolation
Diflo is multi-tenant. Customer data is scoped by company and protected through application permissions and database row-level security boundaries. Users should only see data belonging to their own company or data intentionally shared through partnership, subcontracting, marketplace, or settlement workflows.
5. Sharing and third-party processors
We share personal data only where needed to operate the Service, comply with law, protect the platform, or follow Customer instructions. Subprocessors are listed at /legal/subprocessors. Notable categories include hosting, database, billing, email, maps/routing, flight data, Booking.com integration, monitoring, rate limiting, and secrets management.
6. Retention
Retention depends on the data category and subscription tier. Job history is retained according to the plan limits in the Terms; driver location history follows the operational retention period needed for live tracking, audit, abuse prevention, and incident response. Billing and tax records are retained for statutory periods. Security logs are retained as needed for audit, abuse prevention, and incident response. After cancellation, personal identifiers may be stripped or anonymised when no longer needed for legal, billing, security, or legitimate operational purposes.
7. Subcontracting and PII masking
When a job is shared through partner or marketplace workflows, Diflo limits visibility to the data needed for the receiving company to evaluate or perform the job. Passenger email, owner-only pricing, settlement details, and raw external-provider payloads are hidden unless the workflow requires disclosure.
8. Your rights
Under the GDPR you may request access, rectification, erasure, restriction, portability, objection, and withdrawal of consent where applicable. Contact info@diflo.eu. If you are a driver or passenger of a Customer, we may need to route the request to that Customer because the Customer is usually the controller of operational data.
9. Security
We use technical and organisational safeguards including encrypted transport, hashed passwords, tenant-scoped access controls, role-based permissions, audit logs, monitored infrastructure, and restricted secret handling. No internet service can be guaranteed perfectly secure.
10. Children
The Service is intended for business users and professional transport operations. It is not directed to children.
11. Changes
We may update this Privacy Policy by publishing a new version at /legal/privacy. Material changes may require renewed acceptance or additional notice.